About Patch Groups
Security Controls provides the ability to use a patch group to scan for a particular set of patches.
Example 1: Suppose Company A has a patch approval process under which they've certified four patches as being mandatory for their organization. They want to scan just for those four patches, receive compliance reports, and then be able to patch for those specific items. By creating a patch group, they can then scan for only those selected patches.
Example 2: Suppose you identify a certain patch as being critical for your organization. You can create a patch group with just this patch. When you create the group, you can browse patches from the list and select a product and product level and then a patch. Security Controls will scan for all instances of that QNumber, not just for the product and product level that you select. You can perform a scan using the patch group and a scan will be done just for the selected patch.
When scanning for the specified patches, the program will reference the Tools > Options > Scan > Use replacement patches setting to determine if patches that have been replaced should be included in the scan results.
When Security Controls uses a patch group to scan for selected patches, it always scans for and reports on the status of all product levels.