The Application Layer sits around the Domain. It doesn't contain business logic itself; it coordinates the domain objects to satisfy a specific user requirement (a "Use Case").
In modern .NET, we often use **MediatR** to define Use Cases. Each Request (e.g., CreateUserCommand) has a corresponding Handler. The handler is the 'traffic cop': it loads the aggregate, calls a domain method, publishes events, and tells the Unit of Work to save.
The Application layer defines **DTOs (Data Transfer Objects)**. It's dangerous to return your raw Domain Entities to the UI. Instead, the Application layer maps the Entity data into a DTO. This prevents "Leakage" where the UI accidentally depends on internal domain details, allowing you to change your domain without breaking your API contract.
Q: "Where does cross-cutting logic like logging or security go?"
Architect Answer: "The Application layer is the perfect place for these. Using **Pipeline Behaviors** in MediatR, you can 'wrap' every use case in a logging transaction or a security check without cluttering the business logic. This keeps your handlers focused 100% on coordinating the use case."