While you are technically correct, the reality is that the most serious security vulnerabilities are almost all directly related to buffer overruns (on read or write), allowing an attacker to read or write arbitrary memory. Everything else is a second-class citizen by comparison; denying service by causing Apache to repeatedly crash is far lower priority than compromising all traffic and stealing credentials.
So when we look at that class of serious problems, we find that managed memory languages completely eliminate them.
Relying on people to "just drive better" is an automatic failure. We design everything from signs/road markings to cars themselves around the idea that relying on humans to be perfect is pure idiocy, so we need to create affordances that lower cognitive load, along with automatic systems that attempt to avoid collisions and mitigate their consequences when they occur.
Similarly, just relying on programmers to never make mistakes is guaranteed to lead to more exploits like Heartbleed. It's pure stupidity.
If OpenSSL were written in Rust or C#, it wouldn't be quite as fast, but we wouldn't be looking at years of government spies completely negating SSL, forcing all webservers on the *entire* internet to replace their SSL keys, instantly obsoleting hardware that can't be upgraded, exposing user's data (including login credentials) to attackers thus requiring EVERY FUCKING USER ON THE INTERNET TO CHANGE THEIR PASSWORDS.
Was the tiny performance benefit worth what we have now paid for it?
Of course we're going to continue using C and getting burned over and over and over. Who needs air bags? Just drive better.