There is a fundamental difference between how security must be done in web2 vs web3. Web2 security is about response vs. web3 security is more about prevention. This is because in web3, transactions cannot be changed once executed. In order to protect yourself, most security measures must be built in to verify if transactions should happen in the first place.