Secure Boot

Security+ 🏆 • Secure Development ⚙️ • Security Operations 🛡️ • Difficulty: free

Definition

Secure Boot is a security feature that helps ensure a device starts using only trusted, digitally signed boot software. It prevents unauthorized or tampered bootloaders, firmware components, and operating system loaders from running during startup, reducing the risk of bootkits and other low-level malware.

Examples

A company enables Secure Boot so only approved, signed operating system boot components can load on employee laptops.
A compromised device fails to boot after a tampered bootloader is detected because it is not signed by a trusted key.

Discover 🔎

Some of the most damaging malware tries to load before the operating system, because that gives it deep control and makes it harder to detect. Secure Boot exists to protect that early startup phase. It helps a device verify that the software being loaded at boot time is authentic and has not been modified.

Remember: Secure Boot is about trust during startup. It helps stop tampered boot components from running before the operating system defenses are active.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.