Patch Compliance
Compliance reporting tied to real Jamf patch data, not decorative percentages.
Patch Compliance uses the patch counts Jamf actually returns for a title. It keeps the denominator explicit, separates unknown device states from the percentage, and shows version distribution and freshness as their own evidence lanes.
Jamf patch countsUnknown states excluded and disclosedDrill-down evidence
How compliance is calculated
Compliance percentage is calculated from devices with known patch state only: compliant ÷ (compliant + noncompliant).
- Unknown-status devices are not counted as compliant.
- Unknown-status devices are not hidden; they are surfaced separately.
- If Jamf does not return usable counts for a title, the title remains unknown rather than receiving a synthetic percentage.
Version distribution and freshness
Version rows and inventory freshness are shown separately from the compliance percentage. This matters because Jamf may return accurate patched or unpatched counts even when version detail or freshness detail is partial.
Why those states stay separate
A clean percentage does not automatically mean the version distribution is complete or that inventory freshness was assessed at summary level. Veridominus keeps those facts separate on purpose.
What drill-down shows
- Patch title and threshold basis
- Compliant, noncompliant, and unknown device counts
- Version distribution when Jamf returns it and it reconciles cleanly
- Device detail and last-contact freshness where Jamf exposes it
Coverage notes
- Jamf endpoint coverage varies by Jamf version, so some titles fall back to partial version context.
- Unknown-status devices can be counted even when Jamf does not expose a corresponding device row for each unknown case.
- Patch Compliance is operational reporting. It is not a universal software bill of materials or endpoint risk score.