I haven’t used mint in a while but did for a few years. The out of the box experience (at that time) was better.
Article from 2011:
Linux Mint 11 is a very respectable and speedy distribution and is comparatively very media friendly and easy to use out of the box for newcomers. These qualities likely have contributed to the operating system’s place on the Top 5 Linux Distribution list.
https://pcper.com/2011/11/linux-mint-rising-in-popularity-and-surpassing-ubuntu-for-top-spot/
More contemporary Mint users chime in here with why they prefer Mint:
https://forums.linuxmint.com/viewtopic.php?t=383991
Take a hugely popular distro which alienates some some users with some issues or unappealing GUI choices, Mint comes along and polishes it further and you end up with a distro that is just perfect for that niche.
I think quite a few Ubuntu users migrated to KUbuntu or Mint when Canonical made Unity the default (in Ubuntu 11.04).
Do a search for you server OS + STIG
Then, for each service you’re hosting on that server, do a search for:
Service/Program name + STIG/Benchmark
There’s tons of work already done by the vendors in conjunction with the DoD (and CIS) to create lists of potential vulnerable settings that can be corrected before deploying the server.
Along with this, you can usually find scripts and/or Ansible playbooks that will do most of the hardening for you. Though it’s a good Idea to understand what you do and do not need done.