I have been trying to do this via "$vmhost | Get-VirtualPortGroup" which does not seem to work.

So I normally fire up the Powershell ISE and lookup the command option from the side toolbar, the "VMHost" option was not listed there.

I will give this method a try, thanks.

It depends what you have in $vmhost.
Is that an object returned by Get-VMHost or a String?
The latter will not work in this way.

Also,

Get-Module -Name VMware* -ListAvailable

check which PowerCLI version you are using.
You might benefit from an upgrade if you are using an older version.

$vmhost was an object obtained from 

$vmhost = Get-VMHost <FQDN of host>

This did not work.

Which PowerCLI version are you using?

Version 12 I believe

What error did you get when you said "This did not work."
Can you show the code and the eventual error message?

$vmhost | Get-SecurityPolicy -VirtualPortGroup EPG-CORE-MGMT
Get-SecurityPolicy : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or
the input and its properties do not match any of the parameters that take pipeline input.
At line:1 char:11
+ $vmhost | Get-SecurityPolicy -VirtualPortGroup EPG-CORE-MGMT
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (<Hostname>:PSObject) [Get-SecurityPolicy], ParameterBindingException
+ FullyQualifiedErrorId : InputObjectNotBound,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.GetSecurityPolicy

Earlier you said you did

$vmhost | Get-VirtualPortGroup

now you say you do

$vmhost | Get-SecurityPolicy -VirtualPortGroup EPG-CORE-MGMT

which of course doesn't work since the Get-SecurityPolicy cmdlet does only take a VirtualPortgroup object over the pipeline, not a VMHost object.
Why don't you just use the code I gave at the beginning of this thread?

I am going to try it but I do believe you when you say it works, the rest after that is just me answering your questions. I will report back if there are any problems.