In this release, GNOME defaults to
>using the Wayland display server instead of Xorg.
Wayland has a simpler and more modern design, which has advantages for security.
However, the Xorg display server is still installed by default and the default display manager allows users to choose Xorg as the display server for their next session.
Thanks to the Reproducible Builds project, over 91% of the source packages included in Debian 10 will build bit-for-bit identical binary packages.
For those in security-sensitive environments AppArmor, a mandatory access control framework for restricting programs' capabilities, is installed and enabled by default.
Furthermore, all methods provided by APT (except cdrom, gpgv, and rsh) can optionally make use of "seccomp-BPF" sandboxing. The https method for APT is included in the apt package and does not need to be installed separately... Secure Boot support is included in this release for amd64, i386 and arm64 architectures and should work out of the box on most Secure Boot-enabled machines.
The announcement touts Debian's "traditional wide architecture support," arguing that it shows Debian "once again stays true to its goal of being the universal operating system." It ships with several desktop applications and environments, including the following:
Cinnamon 3.8
GNOME 3.30
KDE Plasma 5.14
LXDE 0.99.2
LXQt 0.14
MATE 1.20
Xfce 4.12
"If you simply want to try Debian 10 'buster' without installing it, you can use one of the available live images which load and run the complete operating system in a read-only state via your computer's memory... Should you enjoy the operating system you have the option of installing from the live image onto your computer's hard disk."