SElinux is more capable in theory but so much less usable/discoverable in practice that I suspect anybody who isn't truly dedicated to doing SElinux right will end up averaging better security via the systemd route.
(and I say this based on both observation and personal experience, I have some stuff to harden later this year and I'm really hoping I'll be able to involve somebody who -has- that level of SElinux knowledge but plan B is almost certainly going to be 'mst does his best with the unit configs')
As someone who does a fair amount of SELinux professionally, Iād mostly agree with this: getting started can be daunting, so one could likely get far more value from a short time focusing on systemd security.
But if one can spare the time, SELinux can secure everything, not just systemd services.
That's why I won't even try to suggest SELinux is easier. It's definitely easier to apply some sandboxing through systemd, but it's pretty coarse grained and mostly seems to hit some relatively easy wins involving capabilities dropping and stuff that is often hidden deep inside PAM. Good start, but I wouldn't call it "better" ultimately.
(and I say this based on both observation and personal experience, I have some stuff to harden later this year and I'm really hoping I'll be able to involve somebody who -has- that level of SElinux knowledge but plan B is almost certainly going to be 'mst does his best with the unit configs')