Virtualisation and Secure Boot are no security features
Since they both either promote or enforce insecure closed code.
Secure Boot only makes sure you cannot boot vendor approved code... which isn't necessarily more secure than just any code. In fact denial of service attacks have already been found my accident, occurring with valid input. (just think of the EFI bugs)
Virtualisation sounds like a good idea at first, however most environments are terribly leaky. Quite often you will be able to snatch (part of) secret keys through the borders of virtualisation. It's a convenience feature, allowing you to share hardware, but not a security feature.