vulnerability testing

Has anyone done a full suite of vulnerability testing of the ecommerce code? e.g. sql injection, cross site scripting, etc. Is this part of the usual integration testing?