Web application vulnerabilities continue to be a serious problem. Retailers accounted for the bulk of attacks on Web applications, according to Solutionary, which said cybercriminals are very likely trying to access the databases containing credit card data. A SQL injection attack against a company's custom application source code repository proved extremely costly, according to the study. Identifying, responding to, and investigating the incident cost the firm more than $26,000, Solutionary said. Improved software security processes, robust monitoring and verbosity of logs can help reduce the costs.