Testing WSS accessibility in an agentless CASB-Only deployment would help Admins and support to gather more information about the session, WSS offers a way to do that using a dedicated URL (pod.threatpulse.com) but it needs some configuration change on the environment, this article goes through the details on how do it.
The agentless deployment relies on the pre-defined domains shared by Cloudsoc, pod.threatpulse.com is not one of them, for this reason, the requests to an undefined domain get blocked since it is not part of the domain-of-interest list.
1- Add the WSS testing url's to the proxy forwarding lists
The general guidance on how to configure the proxy chaining for WSS CASB-Only is listed (here)
Add "pod.threatpulse.com" to the domains of interest in the forwarding condition - custom condition name in the KB article is: "CloudSOC_Forward_List" -
2- Define a new custom gatelet with the WSS testing url's
Log in to Cloudsoc admin console
Define a new custom gatelet (Store > Gatelets > Custom Apps > click on "Create Custom Apps")
Give the custom gatelet any name
Add "pod.threatpulse.com" as a domain for the newly created custom gatelet
Click "Save and Activate"
Allow 5-10 minutes for the auto-sync between Cloudsoc and WSS to take place
3- Test the result on an endpoint
on an agentless endpoint, browse to https://pod.threatpulse.com or http://threatpulse.com
the expected result is to get a response from WSS saying that "You are Protected!" with the details of the connection (Pod, IP's ..etc)
This solution assumes that the custom gatelet license is purchased and valid.