Thanks for choosing LANDESK. A compliance scan pulls the definitions listed in your Compliance group and "the definitions and associated patch files contained in the Compliance group are copied to a special remediation server that scans devices, determines compliance or non-compliance, and can remediate non-compliant devices so that they can be granted full access to the corporate network". A Security Scan, scans your managed devices based off the definitions listed in your scan group. This will outline which definitions are "detected or not detected" as being vulnerable on those systems. Please refer to the following URL (http://help.landesk.com/Topic/Index/ENU/LDMS/9.5/Content/Windows/patch_t_use_tool_window.htm.) This will hopefully provide a better understanding of the Patch and Compliance tool.