diff --git a/windows/security/threat-protection/windows-defender-system-guard/images/system-guard.png b/windows/security/threat-protection/windows-defender-system-guard/images/system-guard.png new file mode 100644 index 0000000000..f585df35a2 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-system-guard/images/system-guard.png differ diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md index e39edae663..a4952c6f00 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md +++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md @@ -29,6 +29,17 @@ Each option has a drawback: - A list of known 'good' SRTM measurements requires each new BIOS/PC combination measurement to be carefully added, which is slow. In addition, a bug fix for UEFI code can take a long time to design, build, retest, validate, and redeploy. +## Secure Launch - The Dynamic Root of Trust for Measurement (DRTM) + +Windows Defender System Guard Secure Launch, first introduced in Windows 10 version 1809, aims to alleviate this issue by leveraging a technology known as the Dynamic Root of Trust for Measurement (DRTM). +DRTM lets the system freely boot into untrusted code initially, but shortly after launches the system into a trusted state by taking control of all CPUs and forcing them down a well-known and measured code path. +This has the benefit of allowing untrusted early UEFI code to boot the system, but then securely transitioning into a trusted state. + +![System Guard](images/system-guard.png) + + + +
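Review bot: The new "Secure Launch" section stops short of saying what the DRTM measurement is recorded into or who consumes it: "forcing them down a well-known and measured code path" introduces the measurement, but the reader coming from the SRTM drawbacks in the preceding bullet is not told that the DRTM-launched code is likewise measured into the TPM so that the resulting state can be attested, which is the property that makes the transition "trusted" rather than merely re-executed. A single sentence after "This has the benefit of allowing untrusted early UEFI code to boot the system, but then securely transitioning into a trusted state." would close that gap; that last sentence also restates the previous one ("launches the system into a trusted state") and could be folded into it. Two smaller points: the image alt text "System Guard" does not describe the diagram for screen-reader users (something like "Diagram of the Secure Launch boot flow" would), and the hunk appends several empty "+" lines after the image, which leave trailing blank lines at the end of the file.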