With Cert Pinned Apps, one can can specify an application (Windows EXE, Mac Process, etc) and what domains to bypass. While there is a block option, you cannot specify specific domains, it treats the field as a "*" regardless of what is placed in the field.
My use case is that I have an application that one can put APIs into. This is very useful, but i would like to prevent OPENAI.COM. However, as programmed by Netskope, despite specifically putting OPENAI.com in the URL list, it blocks all Internet access from the application, which is causing disruption.
This is not not explained at all during the creation process and has a single line dedicated to it in a KB article. Blink and you will miss it!