Secure Boot is a facility of UEFI, the firmware, to restrict which bootloaders and OSes can load, and prevent them from loading if a signature check fails. It makes sure that the firmware knows and trusts the OS.
"SRTM" is a facility of the TPM to inspect what firmware and bootloaders have already loaded and executed, and refuse to unlock an encryption key, attest to the network, etc. if the hashes don't match. It requires a TPM (Secure Boot does not), and crucially it cannot prevent anything from running. It can just refuse to do cryptographic operations depending on what has run. It makes sure that the OS knows and trusts the firmware.
They both have the effect of blocking boot sector malware (although from opposite directions), but the way that they work, the requirements for setting them up, the flexibility you get, and the other threats they defend against are rather different. And complementary, it's often a good plan to use them together to tie a nice knot.
("Boot Guard," the topic of this article, is something else entirely, where the hardware checks the signature on the firwmare. The firmware in turn can Secure Boot if it wants.)
Secure Boot is a facility of UEFI, the firmware, to restrict which bootloaders and OSes can load, and prevent them from loading if a signature check fails. It makes sure that the firmware knows and trusts the OS.
"SRTM" is a facility of the TPM to inspect what firmware and bootloaders have already loaded and executed, and refuse to unlock an encryption key, attest to the network, etc. if the hashes don't match. It requires a TPM (Secure Boot does not), and crucially it cannot prevent anything from running. It can just refuse to do cryptographic operations depending on what has run. It makes sure that the OS knows and trusts the firmware.
They both have the effect of blocking boot sector malware (although from opposite directions), but the way that they work, the requirements for setting them up, the flexibility you get, and the other threats they defend against are rather different. And complementary, it's often a good plan to use them together to tie a nice knot.
("Boot Guard," the topic of this article, is something else entirely, where the hardware checks the signature on the firwmare. The firmware in turn can Secure Boot if it wants.)