Core dumps are disabled as they contain the recorded state of the working memory of a program at a specific time, usually when that program has crashed. This can contain lots of important information such as encryption keys and passwords.
is set in /etc/systemd/coredump.conf.d/disable-coredumps.conf to disable them, kernel.core_pattern=|/bin/false is set in /etc/sysctl.d/disable-coredumps.conf and * hard core 0 is set in /etc/security/limits.conf