Pre-boot context-based security mitigation

What is claimed is: 1. A method comprising: determining, by a processor, a pre-boot security posture of an information handling system by capturing state of a basic input/output system (BIOS) security indicator during a boot device selection phase of a boot process. wherein the pre-boot security posture indicates a pre-boot security status of an external device associated with the information handling system; updating an advanced configuration and power interface mitigation table based on the pre-boot security posture according to the state of the BIOS security indicator; receiving a security mitigation policy; updating a security mitigation table based on the security mitigation policy; determining a security mitigation corresponding to the pre-boot security posture captured during the boot device selection phase of the boot process, wherein the security mitigation is based on a protection flag in the advanced configuration and power interface mitigation table and the security mitigation table; and applying the security mitigation by an operating system to mitigate the pre-boot security status of the external device. 2. The method of claim 1 , wherein the determining of the pre-boot security posture is performed during a driver execution environment phase. 3. The method of claim 1 , wherein the security mitigation table includes a mapping of an indicator of attack to the security mitigation. 4. The method of claim 1 , wherein the security mitigation policy is received from a device management solution. 5. The method of claim 1 , further comprising providing a logon type to be used by a logon service of the information handling system. 6. The method of claim 1 , wherien the security mitigation is applied to a modern client. 7. The method of claim 1 , wherein the security mitigation is applied to a thin client. 8. An information handling system, comprising: a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the information handling system to: determine a pre-boot security posture of the information handling system by capturing state of a basic input/output system (BIOS) security indicator during a boot device selection phase of a boot process, wherein the pre-boot security posture indicates a pre-boot security status of an internal device of the information handling system; update an advanced configuration and power interface mitigation table with the pre-boot security posture according to the state of the BIOS security indicator; update a security mitigation table based on a security mitigation policy; determine a security mitigation corresponding to the pre-boot security posture captured during the boot device selection phase of the boot process, wherein the security mitigation is based on a protection flag in the advanced configuration and power interface mitigation table and the security mitigation table; and apply the security mitigation by an operating system to mitigate the pre-boot security status of the internal device. 9. The information handling system of claim 8 , wherein the determination of the pre-boot security posture is performed during a driver execution environment phase. 10. The information handling system of claim 8 , wherein the security mitigation table includes a mapping of the pre-boot security posture to the security mitigation. 11. The information handling system of claim 8 , wherein the advanced configuration and power interface mitigation table is received from a device management solution. 12. The information handling system of claim 8 , further comprising providing a credential type to be used by a logon service of the information handling system. 13. The information handling system of claim 8 , wherein the security mitigation is applied to a modern client. 14. The information handling system of claim 8 , wherein the security mitigation is applied to a thin client. 15. A non-transitory computer-readable medium to store instructions that are executable to perform operations comprising: determining a pre-boot security posture of an information handling system by capturing state of a basic input/output system (BIOS) security indicator during a boot device selection phase of a boot process, wherein the pre-boot security posture indicates a pre-boot security status of an external device associated with the information handling system; updating an advanced configuration and power interface mitigation table with the pre-boot security posture according to the state of the BIOS security indicator; updating a security mitigation table based on a security mitigation policy; determining a security mitigation corresponding to the pre-boot security posture captured during the boot device selection phase of the boot process. wherein the security mitigation is based on an indicator of attack associated with a protection flag in the advanced configuration and power interface mitigation table and the security mitigation table; and applying the security mitigation by an operating system to mitigate the pre-boot security status of the external device. 16. The non-transitory computer-readable medium of claim 15 , wherein the determining of the pre-boot security posture is performed during a driver execution environment phase. 17. The non-transitory computer-readable medium of claim 15 , wherein the security mitigation table includes a mapping of the indicator of attack to the security mitigation. 18. The non-transitory computer-readable medium of claim 15 , wherein the advanced configuration and power interface mitigation table is received from a device management solution. 19. The non-transitory computer-readable medium of claim 15 , wherein the security mitigation is applied to a modern client. 20. The non-transitory computer-readable medium of claim 15 , wherein the security mitigation is applied to a thin client.