Deploy a comprehensive AI-tool blocklist across your entire ZIA tenant — custom URL categories, cloud app control, DLP, and API automation covering 16,024+ classified AI domains.
Every user's traffic passes through Zscaler's cloud before reaching the internet — office, home, or mobile. One policy in the ZIA Admin Portal protects everyone, everywhere, instantly.
No appliances to deploy. Zscaler sits in the data path for all users, all protocols, all locations — no split-tunnel gaps or DNS leaks.
Add 16,024+ AI-tool domains to a custom URL category and every Client Connector user is protected — before connections are established.
Cloud App Control identifies AI tools by behavior — not just domain — catching AI features embedded inside legitimate SaaS platforms.
The ZIA API lets you programmatically update custom URL categories — enabling automated daily syncs with our domain feed, zero manual effort.
ZIA's built-in "AI/ML Applications" category covers only a fraction of AI-tool domains. A custom URL category lets you fill the gap with our continuously-updated feed of 16,024+ domains.
Go to Administration > URL Categories and click Add Custom Category.
Name it "AI Tools Blocklist." Add domains in bare format (openai.com) or with wildcards (.openai.com).
Go to Web Policy > URL & Cloud App Control. Add a rule targeting your custom category with Block action.
Scope the rule to user groups, departments, or locations. Every user in scope sees a block page instantly.
Custom URL categories support up to 25,000 URLs when configured through the portal.
Via the ZIA API, each category supports up to 100,000 URLs — more than enough for our 16,024+ domains.
Wildcard entries like .openai.com match all subdomains automatically.
Manual doesn't scale. We add hundreds of new AI domains every week. Use the ZIA API (covered below) to automate daily syncs.
# Create a custom URL category via the ZIA API # Step 1: Authenticate and obtain a session token curl -X POST "https://zsapi.zscaler.net/api/v1/authenticatedSession" \ -H "Content-Type: application/json" \ -d '{ "apiKey": "YOUR_OBFUSCATED_API_KEY", "username": "[email protected]", "password": "YOUR_PASSWORD", "timestamp": "1720483200000" }' # Step 2: Create the custom URL category with AI tool domains curl -X POST "https://zsapi.zscaler.net/api/v1/urlCategories" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \ -d '{ "configuredName": "AI Tools Blocklist", "customCategory": true, "superCategory": "USER_DEFINED", "type": "URL_CATEGORY", "urls": [ "openai.com", "chat.openai.com", "claude.ai", "anthropic.com", "gemini.google.com", "midjourney.com", "jasper.ai", "copy.ai", "writesonic.com", "huggingface.co" ], "dbCategorizedUrls": [], "description": "AI tool domains from aitoolsblocklist.com — updated daily" }'
ZIA evaluates URL filtering rules top-to-bottom — first match wins. Place your AI-blocking rule above any permissive "allow all" rules, but below department-specific allow exceptions.
Tip: Use the Caution action for a soft rollout. It displays a warning page but lets users proceed — ideal for educating users before hard-blocking.
Assessment phase? Set the action to Allow with Log enabled to audit AI-tool usage before enforcing.
Hard block with customizable block page. All requests logged with user, device, timestamp, and domain metadata.
Warning page with click-through. Ideal for rollout — educate users and measure AI-tool usage before hard-blocking.
Allow traffic but log every transaction. Use during discovery to audit AI tool access before defining final policy.
Block by default, allow bypass with credentials. Useful for security teams or researchers needing occasional AI access.
URL filtering blocks domains. Cloud App Control goes deeper — inspecting traffic patterns, TLS attributes, and HTTP headers to detect AI tools embedded inside other platforms.
Detects AI tools embedded inside legitimate SaaS platforms that simple domain matching misses.
Allow "browse" but block "upload," "post," or "AI-assist" actions for supported applications.
Identifies AI tools hosted on shared infrastructure or accessed through API endpoints that don't match simple domain patterns.
Defense-in-depth: Combine both layers. Cloud App Control catches known apps by behavior; URL filtering catches the long tail by domain. If Zscaler's catalog hasn't classified a new AI tool, the domain-level blocklist catches it within 24 hours.
A blanket block for all users is rarely the right policy. ZIA supports user-based, group-based, department-based, and location-based assignments for granular control.
| Department | AI Code Tools | AI Writing Tools | AI Image Tools |
|---|---|---|---|
| Engineering | Allowed | Blocked | Blocked |
| Finance | Blocked | Blocked | Blocked |
| Data Science | Allowed | Allowed | Blocked |
| All Others | Blocked | Blocked | Blocked |
ZIA integrates with Azure AD, Okta, Active Directory (via provisioning agent), and SCIM — groups and departments stay synchronized automatically.
New employees inherit their department's AI-tool policy on join. Transfers update on the next sync cycle.
# ZIA API: Create a URL filtering rule scoped to a specific department # This rule blocks AI writing tools for the Finance department only curl -X POST "https://zsapi.zscaler.net/api/v1/webApplicationRules" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \ -d '{ "name": "Block AI Writing Tools - Finance", "order": 3, "state": "ENABLED", "action": "BLOCK", "urlCategories": ["AI_WRITING_TOOLS"], "departments": { "id": [98765] }, "protocols": ["ANY_RULE"], "requestMethods": ["GET", "POST", "PUT"], "blockOverride": false, "description": "Block Text & Language AI tools for Finance department" }' # Separate rule: Allow AI Code Tools for Engineering curl -X POST "https://zsapi.zscaler.net/api/v1/webApplicationRules" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \ -d '{ "name": "Allow AI Code Tools - Engineering", "order": 2, "state": "ENABLED", "action": "ALLOW", "urlCategories": ["AI_CODE_TOOLS"], "departments": { "id": [12345] }, "protocols": ["ANY_RULE"], "description": "Allow Code & Dev AI tools for Engineering department" }'
Rule order matters. Place specific allow rules (e.g., "Allow AI Code Tools for Engineering") above general block rules. A broad block at position 1 catches all traffic before exceptions fire.
Domain blocking is the first line of defense. Zscaler's inline DLP engine adds a second layer — inspecting outbound content to catch sensitive data sent to AI tools you haven't blocked yet.
Scans form submissions, file uploads, and API payloads in real time before data leaves your network.
Detects SSNs, credit card numbers, source code patterns, and proprietary document markers.
Match your organization's confidential data formats — catches code pasted into unknown AI chatbots.
Blocks all traffic to 16,024+ known AI-tool domains. Updated daily. Catches known tools instantly at the DNS/URL layer before any data is transmitted.
Inspects content in outbound payloads to any destination. Catches sensitive data exfiltration to unknown or newly-launched AI tools that are not yet in the blocklist.
Every AI tool operates over HTTPS. Without SSL inspection, ZIA can block by domain (via SNI) but cannot inspect request content. DLP and Cloud App Control require decrypted traffic to function.
Navigate to Web Policy > SSL Inspection. Create a rule targeting your "AI Tools Blocklist" category.
Deploy Zscaler's root CA certificate to endpoints via Client Connector, Group Policy (Windows), or MDM (macOS/iOS).
Access an AI-tool domain and confirm no TLS certificate errors appear. Verify DLP and content inspection events in logs.
Audit your SSL exemption list to ensure no AI-tool domains are inadvertently exempted from inspection.
Certificate pinning alert. Some apps (financial, healthcare, government) use certificate pinning and will break with SSL inspection. Maintain your exemption list — but ensure AI-tool domains never appear on it.
Manual portal updates don't scale when the domain list changes daily. The ZIA API lets you script the entire workflow — fetch, authenticate, update, activate — via a daily cron job.
The ZIA API uses session-based authentication. Sessions expire after 30 minutes idle, so long-running scripts should handle re-authentication.
# Complete Python script: sync AI Tools Blocklist feed to ZIA custom URL category # Run daily via cron: 0 3 * * * /usr/bin/python3 /opt/scripts/zia_ai_sync.py import requests, json, time, hashlib, sys ZIA_BASE = "https://zsapi.zscaler.net/api/v1" ZIA_USERNAME = "[email protected]" ZIA_PASSWORD = "YOUR_PASSWORD" ZIA_API_KEY = "YOUR_API_KEY" FEED_URL = "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=YOUR_FEED_KEY" CATEGORY_ID = 12345678 # Your custom URL category ID def obfuscate_api_key(api_key, timestamp): high = timestamp[-6:] low = str(int(high) >> 1) key = "" for i in range(len(high)): key += api_key[int(high[i])] for i in range(len(low)): key += api_key[int(low[i]) + 2] return key # Step 1: Fetch latest AI tool domains from our feed print("[*] Fetching AI tool domain feed...") feed = requests.get(FEED_URL).json() domains = feed["domains"] print(f"[+] Retrieved {len(domains)} domains") # Step 2: Authenticate with ZIA API ts = str(int(time.time() * 1000)) obf_key = obfuscate_api_key(ZIA_API_KEY, ts) session = requests.Session() auth_resp = session.post(f"{ZIA_BASE}/authenticatedSession", json={ "apiKey": obf_key, "username": ZIA_USERNAME, "password": ZIA_PASSWORD, "timestamp": ts }) auth_resp.raise_for_status() print("[+] Authenticated with ZIA API") # Step 3: Update the custom URL category with new domains update_resp = session.put(f"{ZIA_BASE}/urlCategories/{CATEGORY_ID}", json={ "configuredName": "AI Tools Blocklist", "urls": domains, "description": f"Updated {time.strftime('%Y-%m-%d')} — {len(domains)} AI tool domains" }) update_resp.raise_for_status() print(f"[+] Updated category with {len(domains)} domains") # Step 4: Activate the configuration change activate_resp = session.post(f"{ZIA_BASE}/status/activate", json={ "status": "ACTIVE" }) activate_resp.raise_for_status() print("[+] Configuration activated — all ZIA nodes will apply the update") # Step 5: Clean up session session.delete(f"{ZIA_BASE}/authenticatedSession") print("[+] Session closed. Sync complete.")
Authenticate and receive session cookie. Required before all other API calls. Session expires after 30 minutes idle.
Replace the URLs in a custom category. Send the full domain list each time — this is an overwrite, not an append. Supports up to 100,000 URLs per category via API.
Activate pending configuration changes. Without this call, URL category updates sit in a "pending" state and are not enforced. Always call this after updating categories.
List all custom URL categories. Use this to look up the category ID for your AI Tools Blocklist category if you do not already know it.
# ZIA API: Bulk domain upload using the URL lookup endpoint # Useful for verifying which domains ZIA already categorizes vs. custom additions curl -X POST "https://zsapi.zscaler.net/api/v1/urlLookup" \ -H "Content-Type: application/json" \ -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \ -d '[ "openai.com", "claude.ai", "midjourney.com", "newaitool.com", "obscure-ai-assistant.io" ]' # Response shows Zscaler's built-in categorization for each domain: # [ # {"url":"openai.com", "urlClassifications":["AI/ML Applications"]}, # {"url":"claude.ai", "urlClassifications":["AI/ML Applications"]}, # {"url":"newaitool.com", "urlClassifications":["Uncategorized"]}, # ... # ] # Domains classified as "Uncategorized" by Zscaler are exactly why you # need the custom URL category — they will not be blocked by default.
Every ZIA transaction is logged with rich metadata — giving you a complete, searchable audit trail of every AI-tool access attempt across your organization.
Access dashboards under Analytics > Web Insights. Filter by your custom "AI Tools Blocklist" category for trends, top users, most-accessed domains, and department breakdowns.
Full-text searchable in ZIA portal with CSV export. Every HTTP/HTTPS transaction with complete metadata.
Built-in analytics with trends, top blocked domains, and department-level breakdowns. Filter by custom URL category.
Nanolog Streaming Service pushes real-time logs to Splunk, Sentinel, QRadar, or syslog for correlation and alerting.
# Splunk query: AI-tool block events by department over the last 7 days index=zscaler sourcetype=zscalernss-web action="Blocked" urlcategory="AI Tools Blocklist" | timechart span=1d count by department | sort -count # Splunk alert: detect user with 50+ blocked AI requests in 1 hour # (possible circumvention attempt or automated tool) index=zscaler sourcetype=zscalernss-web action="Blocked" urlcategory="AI Tools Blocklist" | bin _time span=1h | stats count by _time, user, department | where count > 50
Most deployments go from zero to full AI blocking in under two hours. Follow these steps in the ZIA Admin Portal or via the API.
In ZIA Admin Portal, go to Administration > URL Categories > Add Custom Category. Name it "AI Tools Blocklist." Populate it with domains from our feed — manually for a quick test, or via the API for production.
Go to Web Policy > URL & Cloud App Control. Add a rule that targets your custom category with a Block action. Scope it to the appropriate user groups, departments, and locations.
Add an SSL inspection rule for your AI Tools Blocklist category. Deploy the Zscaler root CA certificate to managed endpoints via Client Connector, Group Policy, or MDM.
Create DLP rules that inspect content destined for AI-tool URLs. Target sensitive data dictionaries — PII, source code, financial data. This catches data leakage even to AI tools not yet in the blocklist.
Deploy the Python sync script (above) as a daily cron job. It fetches the latest domains from our API, updates the ZIA custom URL category, and activates the change — zero manual effort.
Test by browsing to a known AI-tool domain from a Zscaler-connected device. Verify the block page appears. Check Analytics > Web Insights for logged events. Configure NSS to stream logs to your SIEM.
Download the free 500-domain sample to test in your ZIA tenant today. Or tell us your Zscaler deployment details and we will deliver a feed in the exact format ZIA expects.
Specify your ZIA tenant cloud (zscaler.net, zscalerone.net, etc.), number of users, and whether you need API automation. We will send a ready-to-import feed within 24 hours.