Contract security

This section deals with contract-specific security. That is, issues whose scope doesn't extend past some Solidity files or EVM bytecode.

There are additional risks and security considerations for when you have a full-blown "Web3" or "Web 3.0" application.

The difference is that there you are connecting more traditional web app code to Ethereum somewhere. Could be client-side with JavaScript or server-side or maybe both.