Why OpenBSD: security


compromised system -> services down -> customer(s) unhappy
compromised system -> data theft -> customer(s) unhappy
in short: compromised system -> customer(s) unhappy -> more work for us

most services public, internet reachable
attack surface is big

have to run questionable 3rd party code
do you trust PHP? Java?
mitigation techniques and randomization important