For this writing, I’ll focus on the OOTB experience. Furthermore, a daily driver for general use is assumed. I’ll also try to keep it (relatively) brief and concise for the sake of brevity. The tier list found below goes from worst to best.

• Tier -1 : Actively detrimental distros. Joke/meme distros, abandoned/discontinued projects and even outright malicious products. Simply don’t use for production. The likes of Hannah Montana Linux and Red Star OS comes to mind.
• Tier 0 : Unopinionated distros. These should be regarded as blank canvases from which it’s expected that you meld and forge it to your liking. As such, at least by default, they offer nothing in this regard. However, it’s possible to build a fortress if you wish. Both Arch and Gentoo fall under this category.
• Tier 1 : Distros that have put in some work into security, but ultimately fall short. These distributions include security features and maintain regular updates, but their implementation choices can introduce security compromises. This tier often includes derivatives that modify their parent distribution’s security model, sometimes prioritizing convenience over security best practices. While it may be suitable for general use, they may not provide the same security guarantees as their upstream sources.
• Tier 2 : Distros with sane security defaults that rely on backports for their security updates. These distributions prioritize stability while maintaining security through careful backporting of security fixes. Rather than updating entire packages, they selectively patch security vulnerabilities into their stable versions. This approach provides a good balance of security and stability, though it means newer security features might take longer to arrive (if at all). Debian and Ubuntu are prime examples of this.
• Tier 3 : Distros with excellent security defaults and a (semi-)rolling release. For most normies, this is as secure as it needs to be. As it’s on a (semi-)rolling release, it receives security updates as soon as they come. Furthermore, this also allows them to benefit from new security features as soon as they appear. Curiously, the two distros that most resonate with this, i.e. Fedora and openSUSE Tumbleweed, are also known to innovate (and thus are pack leaders) when it comes to security solutions. FWIW, their respective atomic/immutable distros also belong in this tier.
• Tier 4 : Security-first distros. The crème de la crème. These are probably overkill for most people. This is also the first (and only) tier that may sacrifice usability and function for the sake of security. If your highest priority is security, then you can’t go wrong with this one. Kicksecure and secureblue are its flag bearers.

I’d personally grant Linux Mint a position in tier 2, though perhaps others would go with tier 1 instead. As such, a step-up would be a distro from either Fedora or openSUSE.