> For the complete documentation index, see [llms.txt](https://docs.akto.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.akto.io/api-protection/concepts/successful-exploits.md).

# Successful Exploits

**Successful Exploits Policy**

Customizable filters that mark detected security threats by Akto's Runtime Threat Protection as successful exploits in the Threat Activity dashboard.

**How to configure**

Go to **API Threat Detection → Threat Activity** in the left sidebar. Click **More Actions → Configure Successful Exploit**.

**Note:** Policies must use category name `SuccessfulExploit`

**Syntax Reference:** For detailed syntax on how to define API selection filters, see [API Selection Filters](https://docs.akto.io/test-editor/concepts/test-yaml-syntax-detailed/api-selection-filters).

<figure><img src="/files/xb5OYYALiDUhHdrJZBPd" alt=""><figcaption></figcaption></figure>

**Example Successful Exploit Policy**

Marks all threats as successful exploits when the URL contains `test`.

```
id: SuccessfulExploit
filter:
  url:
    contains_all:
      - "test"

info:
  name: "SuccessfulExploit"
  description: "Marks threats as successful exploits"
  details: "Identifies which threat activities were actual successful attacks"
  impact: "Distinguishes real attacks from false positives"
  category:
    name: "SuccessfulExploit"
    displayName: "SuccessfulExploit"
  subCategory: "SuccessfulExploit"
  severity: HIGH
```

<figure><img src="/files/8JaRXjXYnYZ9DHilPkBk" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.akto.io/api-protection/concepts/successful-exploits.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.