Microsoft designed Secure Boot to protect the computer from low-level exploits and rootkits and bootloaders. A security process shared between the operating system and Unified Extensible Firmware Interface (UEFI, replacing the BIOS), Secure Boot requires all the applications that are running during the booting process to be pre-signed with valid digital certificates. This way, the system knows all the files being loaded before Windows 8/10 loads and gets to the login screen have not been tampered with.
If a bootloader has infected your computer and it tries to load during the boot-up sequence, Secure Boot will be able to undo all the changes and thwart the attack. Having Secure Boot means it is that much harder for attackers to try to compromise the start up sequence.