---
title: What's new in Trusted Platform Module (Windows 10)
description: This topic for the IT professional describes new features for the Trusted Platform Module (TPM) in Windows 10.
ms.assetid: CE8BBC2A-EE2D-4DFA-958E-2A178F2E6C44
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security, mobile
author: brianlic-msft
redirect_url: https://technet.microsoft.com/itpro/windows/keep-secure/trusted-platform-module-overview
---

# What's new in Trusted Platform Module?

**Applies to**
-   Windows 10
-   Windows 10 Mobile
-   Windows Server 2016

This topic for the IT professional describes new features for the Trusted Platform Module (TPM) in Windows 10.

## New features in Windows 10, version 1511

-   Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).

## New features in Windows 10

The following sections describe the new and changed functionality in the TPM for Windows 10:
-   [Device health attestation](#bkmk-dha)
-   [Microsoft Passport](microsoft-passport.md) support
-   [Device Guard](device-guard-overview.md) support
-   [Credential Guard](credential-guard.md) support

## <a href="" id="bkmk-dha"></a>Device health attestation

Device health attestation enables enterprises to establish trust based on hardware and software components of a managed device. With device heath attestation, you can configure an MDM server to query a health attestation service that will allow or deny a managed device access to a secure resource.
Some things that you can check on the device are:
-   Is Data Execution Prevention supported and enabled?
-   Is BitLocker Drive Encryption supported and enabled?
-   Is SecureBoot supported and enabled?

> **Note**  The device must be running Windows 10 and it must support at least TPM 2.0.
 
[Learn how to deploy and manage TPM within your organization](../keep-secure/trusted-platform-module-overview.md).