By: @almraza
In 2023, Palo Alto Networks introduced the Artificial Intelligence category within Advanced URL Filtering to provide industry-leading visibility and policy control over the rapidly expanding landscape of AI-driven web traffic. This category enabled organizations to understand better and manage AI-related websites as generative AI adoption accelerated across the enterprise.
By April 2024, AI activity had surged to unprecedented levels, with more than 41 million AI-related URL queries per day and a 300 percent increase in AI web requests compared to the previous year. As usage expanded, it became clear that AI websites served many different purposes. Applications ranged from chat and code assistance to meeting transcription and image generation, making it increasingly challenging to group this diversity into a single broad category.
With the explosive growth of AI adoption, the need for greater precision, visibility, and context in how AI traffic is categorized became clear. A single broad AI category was no longer sufficient, as AI websites now serve a wide range of distinct functions, each with different risk profiles and business implications.
To address this complexity, Palo Alto Networks introduced Granular AI categories in March 2025 as an evolution of the original parent category. Each granular category represents a specific AI use case, enabling administrators to manage policies with significantly enhanced precision and control.
The Granular AI framework organizes AI websites into eight focused functional categories:
This framework enables fine-grained policy enforcement and allows customers to apply differentiated controls based on business function, department, or risk level. The result is more accurate visibility, fewer false positives, and stronger alignment between web security, productivity, and business goals.
With the introduction of Granular AI categories, it became important to refine how Change Requests (CRs) are processed. The decision to limit CRs to the Granular AI categories is driven by the rapidly evolving nature of AI applications and the distinct use cases they represent.
AI websites today span a wide range of functions, including generative chat tools, coding assistants, meeting and media platforms, and workflow automation services. Making policy decisions at the level of a single broad AI category could lead to unintended outcomes, such as over-blocking legitimate business tools or allowing AI services that introduce risk. These broad adjustments can disrupt productivity, lead to compliance issues, or cause service outages.
Processing CRs at the granular level ensures that each request is evaluated within the specific context of its intended AI use case. This enables accurate, consistent updates aligned with how each service actually functions.
This approach provides several important benefits that directly enhance both security and operational stability:
This ensures customers can confidently manage AI traffic with fine-tuned control and minimal operational risk.
As AI adoption increases, many customers expect well-known AI vendor domains to appear automatically under the Artificial Intelligence or Granular AI categories. In practice, categorization is determined by the domain name's functional behavior rather than the vendor name. Palo Alto Networks URL Filtering classifies a domain as AI-only when users can provide input and receive an AI-generated output directly on that domain.
For example, Deepseek.com is an informational site. It is not categorized as AI, while chat.deepseek.com, which provides the actual AI chat interface, is categorized as Artificial Intelligence under the AI Conversational Assistant category. Similarly, Openai.com is categorized as Computer and Internet Information, but chatgpt.com, where the AI interaction occurs, is categorized as Artificial Intelligence under the AI Conversational Assistant category.
This approach ensures:
For organizations that prefer to continue using the broad Artificial Intelligence category and do not plan to adopt the new Granular AI categories, transitioning to App-ID is recommended. Instead of relying on a single broad URL Filtering category that groups many different AI use cases, such as chat, code assistance, and media generation, App-ID provides a more effective path for precise management and control.
App-ID allows administrators to apply per-application precision through fine-grained policies that govern specific behaviors, such as uploads, downloads, and feature access, and align with business requirements, security standards, and compliance needs.
The App-ID team has developed a detailed transition plan and step-by-step migration guide to help customers migrate to App-ID for improved coverage and functional control of AI-related applications. Adopting App-ID ensures long-term consistency, accuracy, and deeper policy enforcement across both web and application layers, allowing organizations to maintain complete visibility, agility, and control as the AI ecosystem continues to evolve.
For detailed category definitions, recommended actions, and implementation guidance, visit: New Advanced URL Filtering Granular Artificial Intelligence Categories to learn more.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like |
