I'm looking into a hosting company where you deploy OS from scratch. I say deploy as that seems to be automated process, kind of image. As the kernel updates are released, a reboot brings them on.
I wonder what needs to be done once you, for example, install CentOS? What's that what shared hosting companies do between OS installation until the server is ready? In other words, is OS by itself good to go from security perspective, or there are things that have to be done?
A good hosting company will do server hardening, set firewall, file/directory access and other restrictions to the maximum level possible without interfering with the basic functionality of the server. They will also remove all services which aren't necessary but may pose a risk if they contain bugs (think of Bluetooth and USB drivers, fancy display drivers, RPC servers etc) and will add services or functionality to remotely monitor the hardware function of the server to jump in to replace hard disks or other failing hardware before you know something bad was happening.
all necessary software will need configuring and installing as well. apache and virtual hosts, (php/mysql probably), sendmail and virtual email accounts, ftp server and accounts. i've done this a couple of times and it's a real headache, albeit a good learning experience. depends whether you have the time or knowledge.
although i've never used something like cpanel or plesk, they can do a lot of the above for you.