Question about a book

["Worrell, Brian" <BWorrell () isdh IN gov>]

Has anyone read the book "The Web Application Hacker's Handbook
Discovering and Exploiting Security Flaws"?
 
If so, what do you think about it?  Soon I will have to do Risk
Assessments of our Web Applications that we are going to deploy, and
need something that would help me when it comes to the most common tests
or vulnerabilities.
 
Knowing that there are many options, if this book is not very good, does
anyone else know of a resource for Web App assessments?
 
Thank you,
 
Brian Worrell
Information Security Manager and Security Officer
Office of HIPAA Compliance
Indiana State Department of Health
2 North Meridian Street
Indianapolis, IN  46204
o: (317) 233-4945