AI Tools Blocklist
Home AI Tools Database Taxonomy Pricing
Solutions
Enterprise IT & CISO Education Firewall Admins Shadow AI Prevention
Integrations
Palo Alto Networks FortiGate Cisco Umbrella pfSense REST API
Download Free Sample
Microsoft Defender Guide

Block AI Tools with Microsoft Defender for Endpoint

Enforce AI-tool blocking on every managed endpoint — Windows, macOS, Linux, iOS, and Android — using custom indicators, web content filtering, and network protection. 16,024+ domains, updated daily, no on-prem proxy required.

16,024+AI Domains
18Categories
5OS Platforms
DailyUpdates
Download Sample Domain List View Pricing
The Challenge

Why Microsoft Defender for Endpoint Is the Right Layer for AI Blocking

Firewalls and proxies only protect users on the corporate network. Defender for Endpoint enforces AI-tool blocking on every device, everywhere — no VPN required.

Follows Users Everywhere

Blocks AI tools whether the user is in the office, at home, or on airport Wi-Fi. Policy is attached to the device, not the network.

No VPN or Proxy Needed

The Defender sensor intercepts connections on the device itself. No split-tunnel gaps, no PAC files, no proxy configuration.

Per-Device Attribution

Every block event shows the exact user, device, process, and millisecond-precision timestamp. No ambiguous NAT pool IPs.

Single Portal Management

Manage indicators in the Microsoft 365 Defender portal or via API. Updates push to every endpoint within minutes.

Cross-Platform Coverage

Runs on Windows 10/11, macOS, Linux, iOS, and Android. One policy, five operating systems.

Automated Daily Sync

Push new domains from our 16,024+ feed via API automation. No firewall rules, proxy configs, or DNS zones to update.

Coverage at a Glance

16,024+
AI domains enforced per endpoint
15K
Max indicators per tenant
102M
Domain corpus scanned
24hr
Update cycle
Custom Indicators

Custom Indicators: The Foundation of AI Domain Blocking

Custom indicators tell the Defender sensor to block, warn, or allow connections to specific domains. For AI blocking, you create "Block" indicators for every domain in your list.

Indicator Fields

Indicator Value

The domain or URL to match (e.g., openai.com).

Action

Block, Warn, or Allow — determines what happens when a device connects.

Title & Description

Labels for identifying the indicator in the portal and in alert output.

Severity

Informational, Low, Medium, or High — controls alert priority in the portal.

Scope (Device Groups)

Apply the indicator to all devices or limit it to specific device groups.

Expiration Date

Optional time-limited indicators for temporary access exceptions.

The M365 Defender portal lets you add indicators one-at-a-time under Settings > Endpoints > Indicators > URLs/Domains. For thousands of domains, use the API or PowerShell for bulk import.

# PowerShell: Create a single custom indicator via the MDE API
# Requires: WindowsDefenderATP app registration with Ti.ReadWrite.All permission

$tenantId    = "YOUR_TENANT_ID"
$appId       = "YOUR_APP_ID"
$appSecret   = "YOUR_APP_SECRET"

# Authenticate to Microsoft Defender API
$body = @{
    grant_type    = "client_credentials"
    client_id     = $appId
    client_secret = $appSecret
    scope         = "https://api.securitycenter.microsoft.com/.default"
}
$token = (Invoke-RestMethod -Method Post `
    -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" `
    -Body $body).access_token

# Create a block indicator for an AI tool domain
$indicator = @{
    indicatorValue = "openai.com"
    indicatorType  = "DomainName"
    action         = "Block"
    title          = "AI Tool - Blocked by policy"
    description    = "AI tool domain blocked per organizational policy"
    severity       = "Medium"
    generateAlert  = $true
} | ConvertTo-Json

Invoke-RestMethod -Method Post `
    -Uri "https://api.securitycenter.microsoft.com/api/indicators" `
    -Headers @{ Authorization = "Bearer $token" } `
    -ContentType "application/json" `
    -Body $indicator
Indicator Limit: 15,000 per Tenant

Our standard feed fits within this cap. For the full 16,024+ domain set, we provide a tiered prioritization list — or combine indicators with web content filtering for complete coverage.

Automation

Bulk Import: Automating Indicator Deployment from the AI Tools Blocklist

Automate the entire sync with a scheduled task or Azure Automation runbook. New AI domains appear in your Defender tenant automatically on every sync cycle.

What the Automation Does

Authenticates to both our feed API and the Defender API
Fetches the latest 16,024+ AI-tool domains from our feed
Computes a delta against your existing indicators to avoid duplicates
Creates block indicators only for newly added domains
Rate-limits API calls (200ms delay) to stay within throttle limits
Optionally removes indicators for delisted domains
# PowerShell: Bulk-sync AI blocklist domains to Defender indicators
# Schedule this script to run daily via Task Scheduler or Azure Automation

$feedUrl   = "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=YOUR_API_KEY"
$tenantId  = "YOUR_TENANT_ID"
$appId     = "YOUR_APP_ID"
$appSecret = "YOUR_APP_SECRET"

# Step 1: Get access token
$tokenBody = @{
    grant_type = "client_credentials"; client_id = $appId
    client_secret = $appSecret
    scope = "https://api.securitycenter.microsoft.com/.default"
}
$token = (Invoke-RestMethod -Method Post `
    -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" `
    -Body $tokenBody).access_token
$headers = @{ Authorization = "Bearer $token" }

# Step 2: Fetch AI tool domains from our feed
$aiDomains = (Invoke-RestMethod -Uri $feedUrl).domains

# Step 3: Get existing Defender indicators tagged as AI blocklist
$existing = (Invoke-RestMethod `
    -Uri "https://api.securitycenter.microsoft.com/api/indicators" `
    -Headers $headers).value |
    Where-Object { $_.title -like "AI Tool*" }
$existingDomains = $existing.indicatorValue

# Step 4: Compute delta — new domains to add
$toAdd = $aiDomains | Where-Object { $_ -notin $existingDomains }

# Step 5: Create indicators for new domains (batched)
$count = 0
foreach ($domain in $toAdd) {
    $ind = @{
        indicatorValue = $domain
        indicatorType  = "DomainName"
        action         = "Block"
        title          = "AI Tool - $domain"
        description    = "AI tool domain from aitoolsblocklist.com feed"
        severity       = "Medium"
        generateAlert  = $true
    } | ConvertTo-Json

    Invoke-RestMethod -Method Post `
        -Uri "https://api.securitycenter.microsoft.com/api/indicators" `
        -Headers $headers -ContentType "application/json" `
        -Body $ind
    $count++
    Start-Sleep -Milliseconds 200  # Rate limiting
}

Write-Host "Synced $count new AI-tool indicators to Defender"
Delta Sync Is Fast

Only 20–50 new domains are added on a typical day. The delta sync completes in under 5 minutes — no need to re-import the full list.

Web Content Filtering

Web Content Filtering: Category-Level AI Blocking

Web content filtering uses Microsoft's URL categorization engine to block entire content categories. It acts as a safety net — catching new AI tools that aren't yet in any domain blocklist.

Configuration Steps

1
Navigate to Filtering

security.microsoft.com > Settings > Endpoints > Web content filtering

2
Create Policy

Add a new policy and select the content categories to block. Scope to device groups.

3
Combine with Indicators

Use custom indicators from our feed for precision targeting of the full 16,024+ domain set.

Layer 1: Content Filtering

Catches newly launched AI domains that Microsoft has categorized. Provides baseline coverage without per-domain configuration.

Layer 2: Custom Indicators

Import 16,024+ domains from our feed. Catches AI tools Microsoft hasn't categorized — with per-domain alerting.

Network Protection

Network Protection: Extending Blocking Beyond the Browser

Custom indicators and web content filtering enforce blocks through the browser. Network protection intercepts connections at the OS level — blocking AI access from any application.

What It Catches

IDE Plugins

Code assistant plugins in VS Code, JetBrains, and other editors connecting to AI APIs.

Desktop Apps

Standalone AI writing tools, image generators, and productivity apps with AI features.

CLI Tools & Scripts

Automated scripts and command-line utilities calling AI API endpoints directly.

API Clients

Any HTTP/HTTPS client making direct connections to AI-tool domains.

Network Protection Modes

Mode Behavior Best For
Disabled No OS-level interception. Browser-only enforcement. Pre-deployment baseline
Audit Logs all connections to blocked domains but allows them through. Discovery phase — see what would be blocked
Block Drops connections to blocked domains at the OS level, all apps. Production enforcement
# PowerShell: Enable network protection in block mode
# Run on each endpoint or deploy via Intune/GPO

# Check current network protection status
Get-MpPreference | Select-Object EnableNetworkProtection

# Enable in Audit mode first (recommended for initial deployment)
Set-MpPreference -EnableNetworkProtection AuditMode

# After reviewing audit logs, switch to Block mode
Set-MpPreference -EnableNetworkProtection Enabled

# Verify the setting
Get-MpPreference | Select-Object EnableNetworkProtection
# Output: Enabled = Block mode, AuditMode = Audit, Disabled = Off

# To deploy via Group Policy:
# Computer Configuration > Admin Templates > Windows Components >
# Microsoft Defender Antivirus > Microsoft Defender Exploit Guard >
# Network Protection > "Prevent users and apps from accessing
# dangerous websites" = Enabled (Block)
Complete Coverage

Browser-level web content filtering + OS-level network protection = every access vector covered. Browsers, desktop apps, CLI tools, scripts, and system processes are all enforced.

Intune Deployment

Intune Policies: Managed Deployment Across Your Fleet

Deploy AI-blocking policies as Intune device configuration profiles. Non-compliant devices can be blocked from corporate resources via Conditional Access.

Three Configuration Profiles

Network protection profile — enables the Defender sensor's OS-level blocking
Web content filtering profile — defines which URL categories to block
Indicator sync script — scheduled task pulling domains from our feed into the Defender API
// Intune: Device Configuration Profile — Network Protection (OMA-URI)
// Create via Intune > Devices > Configuration profiles > Create profile
// Platform: Windows 10 and later, Profile type: Custom

// OMA-URI Setting 1: Enable Network Protection
OMA-URI: ./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection
Data type: Integer
Value: 1   // 0=Disabled, 1=Enabled (Block), 2=Audit

// OMA-URI Setting 2: Allow Network Protection Down Level
OMA-URI: ./Vendor/MSFT/Policy/Config/Defender/AllowNetworkProtectionDownLevel
Data type: Integer
Value: 1

// OMA-URI Setting 3: Enable Network Protection on Win Server
OMA-URI: ./Vendor/MSFT/Policy/Config/Defender/AllowNetworkProtectionOnWinServer
Data type: Integer
Value: 1

On macOS, deploy a mobileconfig profile via Intune. On iOS and Android, Defender uses a local VPN configuration (no actual tunnel) to route DNS queries through the Defender engine for block enforcement.

Windows

Full network protection + custom indicators + web content filtering. Deploy via Intune OMA-URI or endpoint security policy.

macOS

Network protection via mobileconfig profile. Custom indicators enforced through the Defender sensor. Web content filtering in Edge and Safari.

iOS & Android

Web protection via local VPN DNS filtering. Custom indicators enforced at the DNS layer. Covers all apps, not just the browser.

Defender Portal

Microsoft 365 Defender Portal: Centralized Management and Visibility

The portal at security.microsoft.com is your single pane of glass for AI-tool blocking. Every API or PowerShell action is also visible here.

Key Portal Sections

Indicators

Settings > Endpoints > Indicators — create and manage your domain block indicators.

Web Content Filtering

Settings > Endpoints > Web content filtering — configure category-level blocking policies.

Incidents & Alerts

Review block events that generate alerts. Investigate user-level patterns and device details.

Web Protection Reports

Reports > Web protection — aggregate blocked domains, top users, and trend data over time.

Access Control & Scoping

Role-Based Access (RBAC)

Grant indicator management to your security ops team without broader Defender admin privileges.

Device Group Scoping

Scope policies and exceptions per device group — e.g., allow Copilot for engineering while blocking it globally.

Graph API Integration

Microsoft Graph API: Enterprise-Scale Policy Deployment

For multi-tenant organizations or MSSPs, the Microsoft Graph Security API provides programmatic control over every aspect of Defender configuration.

Graph API Capabilities

Batch operations — create or update hundreds of indicators in a single API call
Webhook notifications — get real-time alerts when block events fire
Azure Logic Apps & Power Automate — orchestrate workflows without custom code
Multi-tenant support — deploy AI-blocking across customer tenants from a central platform
# PowerShell: Deploy AI blocking via Microsoft Graph API
# Requires: Microsoft.Graph PowerShell module

Import-Module Microsoft.Graph.Security

# Connect with app-only authentication
$cert = Get-ChildItem Cert:\CurrentUser\My\THUMBPRINT
Connect-MgGraph -ClientId $appId -TenantId $tenantId `
    -Certificate $cert

# Fetch AI domains from our feed
$response = Invoke-RestMethod `
    -Uri "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=YOUR_KEY"

# Create indicators via Graph Security tiIndicators endpoint
foreach ($domain in $response.domains) {
    $params = @{
        action               = "block"
        description          = "AI tool domain - $($domain.category)"
        domainName           = $domain.domain
        expirationDateTime   = (Get-Date).AddDays(30).ToString("o")
        severity             = "medium"
        targetProduct        = "Microsoft Defender for Endpoint"
        threatType           = "UnwantedSoftware"
        tlpLevel             = "white"
    }
    New-MgSecurityTiIndicator -BodyParameter $params
}

Write-Host "Deployed $($response.domains.Count) AI-tool indicators via Graph API"
Conditional Access

Conditional Access Integration: Compliance-Driven Enforcement

Conditional Access policies in Entra ID can reference Defender compliance status. Devices that violate your AI-blocking policy lose access to corporate resources automatically.

Bypass = Lose Corporate Access

If a user disables network protection or tampers with indicators, their device becomes non-compliant within minutes. Conditional Access blocks email, SharePoint, Teams, and all protected apps until remediation.

Enforcement Loop

1

Defender Reports Risk

Devices accessing blocked AI domains are flagged with an elevated machine risk level via custom detection rules.

2

Intune Checks Compliance

Devices above your risk threshold are marked non-compliant. Status syncs to Entra ID within minutes.

3

Conditional Access Blocks

Non-compliant devices are blocked from email, files, Teams, and all apps protected by Conditional Access.

4

User Remediates

User sees a remediation page explaining the block. Once compliant again, access restores automatically.

Reporting & Hunting

Reporting and Incident Response: Visibility into AI Tool Usage

Blocking is half the equation. Defender provides multiple reporting layers — from executive dashboards to granular KQL queries — for full visibility.

Reporting Layers

Web Protection Dashboard

Aggregate block counts, top blocked domains, and top affected users. Executive-level compliance reporting.

Advanced Hunting (KQL)

Query raw event data to answer specific questions about AI-tool usage patterns across your organization.

Microsoft Sentinel Integration

Cross-correlate AI-tool events with other security data. Create analytics rules for circumvention detection.

// KQL: Advanced Hunting — AI tool block events in the last 7 days
// Run in Microsoft 365 Defender > Hunting > Advanced hunting

DeviceEvents
| where Timestamp > ago(7d)
| where ActionType == "SmartScreenUrlWarning"
    or ActionType == "ExploitGuardNetworkProtectionBlocked"
    or ActionType == "NetworkProtectionResponse"
| extend ParsedFields = parse_json(AdditionalFields)
| extend BlockedUrl = tostring(ParsedFields.ResponseCategory)
| where RemoteUrl has_any (
    "openai.com", "claude.ai", "anthropic.com",
    "gemini.google.com", "midjourney.com",
    "copilot.microsoft.com", "jasper.ai"
)
| summarize BlockCount = count() by DeviceName, AccountName, RemoteUrl
| sort by BlockCount desc
// KQL: Top 20 users attempting AI tool access — for policy review

DeviceEvents
| where Timestamp > ago(30d)
| where ActionType in ("SmartScreenUrlWarning",
    "ExploitGuardNetworkProtectionBlocked")
| where RemoteUrl matches regex @"(openai|anthropic|claude|midjourney|jasper|writesonic|copy\.ai|huggingface)"
| summarize
    TotalAttempts = count(),
    UniqueTools = dcount(RemoteUrl),
    LastAttempt = max(Timestamp)
    by AccountName, DeviceName
| sort by TotalAttempts desc
| take 20
Automated Response Playbooks

Connect Sentinel analytics rules to Logic Apps — automatically notify the user's manager, open a ServiceNow ticket, or restrict the Azure AD session when circumvention is detected.

# PowerShell: Export AI-tool block events for compliance reporting

$startDate = (Get-Date).AddDays(-30).ToString("yyyy-MM-ddTHH:mm:ssZ")

$query = @{
    Query = @"
DeviceEvents
| where Timestamp > datetime($startDate)
| where ActionType in ("SmartScreenUrlWarning",
    "ExploitGuardNetworkProtectionBlocked")
| project Timestamp, DeviceName, AccountName,
    RemoteUrl, ActionType
| sort by Timestamp desc
"@
} | ConvertTo-Json

$results = Invoke-RestMethod -Method Post `
    -Uri "https://api.securitycenter.microsoft.com/api/advancedhunting/run" `
    -Headers @{ Authorization = "Bearer $token" } `
    -ContentType "application/json" -Body $query

# Export to CSV for compliance team
$results.Results |
    Export-Csv -Path "AI_Block_Report_$(Get-Date -Format 'yyyyMMdd').csv" `
    -NoTypeInformation

Write-Host "Exported $($results.Results.Count) block events"
Implementation

Implementation Checklist: From Zero to Full Enforcement

Most organizations complete the full deployment in 1–3 business days, with the first week in audit mode for policy validation.

Prerequisites

Microsoft Defender for Endpoint Plan 2 license. Devices onboarded to MDE. Azure AD app registration with Ti.ReadWrite.All and WindowsDefenderATP permissions. Network protection capable OS versions (Windows 10 1709+, macOS 11+). Our AI Tools Blocklist API key.

Phase 1: Audit Mode

Enable network protection in audit mode. Import AI-tool indicators with action set to "Warn" instead of "Block." Run for five business days. Review Advanced Hunting data to identify which users and departments are accessing AI tools and which specific tools are in use. Adjust your policy scope before enforcement.

Phase 2: Enforce

Switch network protection to block mode. Update indicators from "Warn" to "Block." Deploy web content filtering policy. Configure the automated daily sync from our AI Tools Blocklist feed. Set up alerting for block events above your threshold. Communicate the policy to end users.

Phase 3: Monitor & Report

Enable Conditional Access compliance integration. Create Sentinel analytics rules for circumvention detection. Schedule weekly compliance reports via the Advanced Hunting export script. Review and tune exception indicators based on business justification requests from teams that need specific AI-tool access.

Ready to Deploy AI Blocking on Microsoft Defender?

Download the free 500-domain sample to test with custom indicators today. Or tell us your tenant configuration and we will send a ready-to-import indicator set within 24 hours.

Download Free Sample View Plans

Tell Us Your Defender Configuration

Specify your MDE plan, OS platforms, and tenant size. We will send a ready-to-import indicator set and automation script within 24 hours.