About
Secure Boot is a standard defined within the UEFI to ensure the host only runs software trusted by the Original Equipment Manufacturer (OEM). It does this by validating the digital certificate of the bootloader and critical drivers during boot.
In theory, by only running trusted software during boot, the host establishes a chain of trust on boot, preventing malicous software from running before the system loads.