I opened this case to inquire about the status of new capim package 14.10.40.137 support for UEFI / Secureboot option.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/release-announcements/CA-Privileged-Access-Manager-Server-Control-Endpoint-Compatibility-Matrix/16749
Release : 14.0
Secure boot is a feature of the operating system which evaluates any module that tries to load into the kernel on both Linux and Windows. The basic concept is to have the OS validate not just the name of a module but also its authenticity to ensure it was not maliciously updated between reboots. This is done through code signing of the modules. Because this is a feature of the operating system and not specific to PAMSC, we cannot force or directly control how the operating system does this. At the time of writing this article we can support Microsoft Windows and most Linux operating system versions using a version 4.x kernel and below. Recent changes have required us to make additional changes. The only place to confirm what build of the endpoint supports this feature and on what operating systems is our compatibility and download page. Please review this web page to answer this question for each OS release.