Azure Security Center can now scan container images in Azure Container Registry for vulnerabilities. The image scanning works by parsing the container image file, then checking to see whether there are any known vulnerabilities (powered by Qualys).
Source: Azure Roadmap