Add a dedicated AI Tools URL category to Zscaler, Netskope, iboss, or any SWG with custom URL categories. Our API-driven feed delivers 16,037+ domains across 18 categories — updated daily, no manual list management.
SWG platforms classify web traffic into URL categories for policy enforcement and visibility. When it comes to AI tools, most vendors added a single monolithic "Generative AI" or "AI/ML" category in late 2023 — and it falls short in three critical ways.
The workflow is the same across vendors: create a custom category, populate it with domains from our feed, and reference that category in your web policy rules. The differences are in how each platform ingests external lists and refreshes them.
/urlCategories endpoint to push domain entries from our feed. Create multiple categories to segment by AI-tool type.
# Zscaler ZIA API: Create and populate a custom AI Tools URL category # Step 1: Authenticate and obtain session token curl -X POST "https://zsapi.zscaler.net/api/v1/authenticatedSession" \ -H "Content-Type: application/json" \ -d '{ "apiKey": "YOUR_ZIA_API_KEY", "username": "[email protected]", "password": "YOUR_PASSWORD", "timestamp": "1720483200000" }' # Step 2: Fetch AI tool domains from our feed curl -s "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=YOUR_API_KEY" \ | jq '[.domains[].domain]' > /tmp/ai_domains.json # Step 3: Create custom URL category with AI tool domains curl -X POST "https://zsapi.zscaler.net/api/v1/urlCategories" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=SESSION_TOKEN" \ -d '{ "configuredName": "AI Tools - Blocked", "superCategory": "USER_DEFINED", "customCategory": true, "type": "URL_CATEGORY", "urls": ["chatgpt.com","openai.com","claude.ai","anthropic.com", "gemini.google.com","midjourney.com","runway.com", "character.ai","perplexity.ai","jasper.ai"], "dbCategorizedUrls": [], "description": "AI tool domains from AI Tools Blocklist feed" }' # Step 4: Activate changes curl -X POST "https://zsapi.zscaler.net/api/v1/status/activate" \ -H "Cookie: JSESSIONID=SESSION_TOKEN"
/api/v2/policy/urllist endpoint to manage lists inline with Real-time Protection policies.
Custom URL categories via API with up to 25,000 URLs per category. Supports automated sync via cron or orchestration tools. Native policy integration with URL filtering, Cloud Firewall, and DLP engines. Multi-tenant support through ZIA sub-clouds.
URL lists via REST API v2 with inline evaluation in Real-time Protection policies. Combine with CCI scores for risk-aware AI blocking. Supports granular per-app policies and adaptive access controls based on user behavior and device posture.
Custom categories via API and bulk import. Inline evaluation alongside built-in categories with configurable precedence. Policy group association for per-department blocking. Supports both cloud-proxy and ZTNA deployment modes.
All major AI tools communicate over HTTPS. Without SSL inspection, your SWG sees only the destination domain in the TLS SNI field and DNS queries — enough for basic domain-level blocking, but not for advanced controls.
SSL inspection becomes essential for three use cases that most organizations eventually require.
app.vendor.com/ai-assistant vs. app.vendor.com). Without SSL inspection, blocking the domain blocks the entire application. With decryption, your SWG examines the URL path and applies different actions per resource.
Sufficient for domain-level blocking. No certificate deployment required. Zero performance impact. Covers the majority of AI-tool blocking use cases where you want to block entire domains. Works with both cloud-proxy and DNS-based enforcement modes. Our domain feed is optimized for SNI matching patterns.
Required for URL-path-level policies, DLP content inspection, and response analysis. Requires trusted CA certificate on managed endpoints. Adds latency proportional to traffic volume. Necessary for detecting data exfiltration to AI tools. Some certificate-pinned AI apps may require bypass rules.
Many organizations need a nuanced approach: allow employees to use approved AI tools while preventing sensitive data uploads. Inline DLP integrated with your SWG makes this possible.
# Automation script: Sync AI tool domains to Zscaler ZIA custom category # Run daily via cron to keep the SWG category current #!/bin/bash ZIA_CLOUD="zsapi.zscaler.net" API_KEY="YOUR_ZIA_API_KEY" FEED_KEY="YOUR_BLOCKLIST_API_KEY" CATEGORY_ID="CUSTOM_01" # Authenticate to ZIA SESSION=$(curl -s -X POST "https://$ZIA_CLOUD/api/v1/authenticatedSession" \ -H "Content-Type: application/json" \ -d "{\"apiKey\":\"$API_KEY\",\"username\":\"[email protected]\", \"password\":\"$SVC_PASSWORD\",\"timestamp\":\"$(date +%s)000\"}" \ | jq -r '.cookies[0]') # Fetch current AI tool domains from our feed (JSON format) DOMAINS=$(curl -s "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=$FEED_KEY" \ | jq '[.domains[].domain]') # Count domains for logging COUNT=$(echo $DOMAINS | jq 'length') echo "Syncing $COUNT AI tool domains to ZIA category $CATEGORY_ID" # Update the custom URL category with current domains curl -s -X PUT "https://$ZIA_CLOUD/api/v1/urlCategories/$CATEGORY_ID" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=$SESSION" \ -d "{\"configuredName\":\"AI Tools - Blocked\", \"urls\":$DOMAINS, \"description\":\"Auto-synced from AI Tools Blocklist - $(date -I)\"}" # Activate the configuration change curl -s -X POST "https://$ZIA_CLOUD/api/v1/status/activate" \ -H "Cookie: JSESSIONID=$SESSION" echo "ZIA sync complete: $COUNT domains pushed at $(date)"
Modern SWG platforms have evolved into full CASBs, enabling activity-level controls beyond allow-or-block. With our AI-tool categorization, you can apply granular cloud app controls per activity type.
Inspect HTTP POST bodies to AI-tool domains for sensitive data patterns:
Exact data match (EDM) and document fingerprinting for sensitive content:
Instead of importing a static list, SWG vendors can query our classification API inline as they process web requests. The result is instant classification — transparent to end users and always current.
# Real-time domain classification API — single lookup curl -s "https://api.aitoolsblocklist.com/v1/classify?domain=midjourney.com&key=YOUR_API_KEY" # Response (JSON): { "domain": "midjourney.com", "is_ai_tool": true, "category": "image-visual", "category_name": "AI Image & Visual Tools", "risk_score": 78, "first_seen": "2022-07-12", "last_verified": "2026-07-09", "confidence": 0.97 } # Batch classification — up to 1,000 domains per request curl -s -X POST "https://api.aitoolsblocklist.com/v1/classify/batch" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "domains": ["chatgpt.com", "notion.so", "midjourney.com", "github.com", "copilot.microsoft.com", "unknown-startup.ai"], "include_metadata": true }' # Response includes classification for each domain: { "results": [ {"domain": "chatgpt.com", "is_ai_tool": true, "category": "text-language", "risk_score": 72}, {"domain": "notion.so", "is_ai_tool": true, "category": "productivity-workspace", "risk_score": 45}, {"domain": "midjourney.com", "is_ai_tool": true, "category": "image-visual", "risk_score": 78}, {"domain": "github.com", "is_ai_tool": false, "category": null, "risk_score": 0}, {"domain": "copilot.microsoft.com", "is_ai_tool": true, "category": "code-development", "risk_score": 55}, {"domain": "unknown-startup.ai", "is_ai_tool": true, "category": "text-language", "risk_score": 85} ], "query_time_ms": 42, "total": 6, "ai_tools_found": 5 }
| Field | Purpose | Vendor Use Case |
|---|---|---|
risk_score (0–100) | Quantifies data-exfiltration risk per AI tool | Enables risk-based policy decisions |
confidence | Classification engine certainty level | Route low-confidence results to human review; enforce high-confidence immediately |
last_verified | Timestamp of last verification | Manage cache TTLs — cache aggressively if verified within 24h; re-query if stale |
Individual domain lookups return in under 50ms from our globally distributed API endpoints. Edge caching reduces repeat lookups to under 5ms. Designed for inline SWG evaluation without perceptible user impact.
JSON for ease of integration and debugging. Protobuf for high-throughput production deployments where serialization overhead matters. Both formats return identical classification data with the same API contract.
Submit up to 1,000 domains per batch request for cache warm-up, scheduled sync, or bulk analysis. Results in under 500ms. Ideal for SWG vendors pre-populating classification caches during off-peak maintenance windows.
A production SWG integration follows a four-layer architecture. Understanding each layer helps security architects design a deployment that is both performant and resilient.
| Action | Behavior |
|---|---|
| Block | Deny the request and serve a block page |
| Allow | Permit the request without restriction |
| Caution | Display a warning interstitial the user must acknowledge |
| Isolate | Route through Remote Browser Isolation — AI tool renders in a sandbox with copy-paste and uploads disabled |
| Log-Only | Permit the request but generate a log entry for monitoring |
Instead of blocking or allowing unrestricted access, RBI lets employees interact with AI tools in a sandboxed environment. The AI tool renders on a remote server — only pixels stream to the user's browser.
A single "AI Tools" category is insufficient for enterprise policies. Engineering needs code assistants, marketing needs image generators, and legal needs everything blocked. Our 18-category taxonomy enables precisely this granularity.
| Platform | Approach | Per-Department Scoping |
|---|---|---|
| Zscaler ZIA | Create up to 18 custom URL categories, one per category-specific feed endpoint | Separate URL filtering rules per user group referencing different category sets |
| Netskope | Create multiple URL lists, each in distinct Real-time Protection policies | Scope via SCIM group mapping to different user groups |
| iboss | Create multiple custom categories per AI-tool type | Associate with policy groups aligned to organizational structure |
Each category is maintained independently, with new domains classified within 24 hours of discovery.
Allow "code-development" and "data-analytics" categories. Block all others. Apply DLP inspection to allowed categories to prevent proprietary code uploads.
Allow "image-visual" and "marketing-ai" categories. Block "text-language" to prevent unvetted AI-generated copy. Isolate allowed tools via RBI.
Block all 18 categories. Log all access attempts. Alert compliance officers on repeated attempts. Zero tolerance for AI-tool usage in regulated functions.
Download the sample feed to test custom URL category creation on your platform. Or tell us your SWG platform and deployment model, and we will provide a ready-to-integrate feed package within 24 hours.
Tell us your SWG platform, deployment model, and category requirements. We will provide a custom integration package within 24 hours.