> For the complete documentation index, see [llms.txt](https://docs.akto.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.akto.io/api-security-testing/how-to/create-custom-test-suites.md).

# Create Custom Test Suites

**Custom Test Suites** in Akto allow you to create tailored sets of security tests that align precisely with your application's unique requirements and risk profile. This feature is essential for teams that want more granular control over their API security testing, beyond the default pre-built Akto test collections.

<div data-with-frame="true"><figure><img src="/files/r54zH8S6oe8eRg786rGP" alt="" width="563"><figcaption></figcaption></figure></div>

### Key Features

* **Flexible Test Selection:**\
  Choose from hundreds of tests across multiple categories, including:
  * Cross-site scripting (XSS)
  * Command Injection
  * Broken Object Level Authorization (BOLA)
  * Security Misconfiguration
  * Local File Inclusion (LFI)
  * Broken User Authentication (BUA)
  * Server Side Request Forgery (SSRF)
  * And more!
* **Category-Level and Individual Test Selection:**\
  You can select entire categories or drill down to individual tests (e.g., specific CRLF Injection tests like HTTP Header Abuse or Apache mod\_userdir CRLF injection).
* **Efficient Management:**\
  Easily search and filter tests to quickly assemble the suite that best suits your needs.
* **Reusable Configurations:**\
  Save your custom test suites for repeated use in different environments or across various stages of your CI/CD pipeline.

### Benefits

* **Precision Testing:** Focus on vulnerabilities that are most relevant to your API's functionality and architecture.
* **Reduced Noise:** Avoid unnecessary test results by excluding irrelevant categories.
* **Compliance & Security Goals:** Customize suites to align with specific compliance requirements (e.g., OWASP Top 10 API Security Risks).

### How to Set Up

1. Navigate to the **Test Suite** section under **Testing** in the Akto dashboard.
2. Click to create a new suite or edit an existing one.
3. Select the required tests by category or by individual items.
4. Name your test suite (e.g., "Custom Suite for Payment APIs").
5. Save your configuration and use it in your testing workflows.

#### View Active and Inactive Tests

In Test Suites, tests are organized into two sections:

* **Active Tests**\
  These are the tests currently enabled in the test suite and will be executed during API security testing.
* **Inactive Tests**\
  These tests are part of the suite but are disabled and will not run unless activated.

This separation allows you to control which tests run without removing them from the test suite.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.akto.io/api-security-testing/how-to/create-custom-test-suites.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.