I don't think there is a right answer either. Go with Debian stable or something similar, you get older software, you get security updates for that software but rarely do you get updates that only fix bugs or add new features. Go with Arch Linux, you get new software, you get security updates due to the packages being updated very frequently, but then you run the risk of newer software containing unknown issues and bugs. For example - https://www.archlinux.org/news/data-corruption-on-software-raid-0-when-discard-is-used/
Personally i use Arch Linux on my desktop (before that was Debian Sid, Debian Stable) for me, Debian's way of doing releases and packages doesn't work for me as a desktop OS but as a server OS it certainly does. Now i can use Arch Linux as a server OS too, but then the question is do i want to have a server running such new software.
In regards to security, i'd love to see some data showing CVE's throughout the year and listing what distro was first to patch/update their affected packages, though i doubt anyone collects data about it.
Summary notes:
P.S. Thanks for the shout out on your prior video, Mark!
What distros are you reviewing next? I have two personal favorite distros on my six year old laptops that I'd like to recommend for consideration (neither gets reviewed as often as I think they should):
app-emulation/fs-uae [1] Available versions: (~)2.2.0 {launcher} Homepage: http://fengestad.no/fs-uae Description: a multi-platform Amiga emulator
Also available in Gentoo and in so many other distributions.