This document discusses application security fundamentals and outlines various threats including script kiddies, hacktivists, hackers, cyber criminals, and advanced persistent threats. It then discusses the goals of application security which are confidentiality, integrity, and availability. Finally, it introduces the application security hierarchy which includes goals, mechanisms, and principles to guide security decisions and techniques.