PC and consoles have very different approaches.

On consoles, the platform security depends on the closed nature of the platform. The discs are custom made and cannot be copied correctly or even read by PC drives. The console checks the discs for authenticity.

Digital console games all have there executables signed by the platform provider and contains a license encrypted only to the particular security processor in each console. Only that console can decrypt, verify the keys and decrypt the actual game package to be able to run it.

Making sure the console always boots from genuine console software so it’s not possible to bypass any of the checks, or dumping out keys and decrypted game packages is the core of console security.

On PCs it’s a different story. PCs are open platforms so anything has to have an unencrypted piece of code to start from even if the rest of the content is encrypted, meaning they eventually get dumped unencrypted and modified to skip checks, instead the game publishers choose to obfuscate the executable as much as possible using tools like Denuvo, making it harder to find where the checks are and patch them out.

This only need to buy enough time for most of the game sales to take place. After which the publishers usually release de-obfuscated version of the game because obfuscation slows things down. That’s what you see as publishers releasing DRM-free patches.