Yes, the book mentions a number of tools that can be used. More importantly though, security is about way more than just tools and the book does a good job of going into things like
patterns and anti-patterns, design flaws, coding practices, and
Java APIs that you can use to write more secure web applications.