The Register gleaned some details about Windows 10 Device Guard at RSA but there is still a lot we do not know about it.  It is an optional service that can be enabled by an administrator and it checks every application launched to see if it has been signed by Microsoft as a trusted binary before letting it run.  While certainly good for security it may cause some issues for developers who have not gone through the vetting process to have your app approved for the Microsoft Store.  Device Guard is also separated from the WinX kernel, if your machine does become infected, Device Guard will still not allow unsigned apps to run.  You will need hardware which supports input/output memory management unit (IOMMU) to use Device Guard, thankfully that technology is present on most current PC hardware, though not so prevalent on the mobile front.

"The details are a little vague – more information will emerge at the Build event next week – but from what we can tell, Device Guard wraps an extra layer of defense around the operating system to prevent malware from permanently compromising a PC."

Here is some more Tech News from around the web:

Tech Talk