How best to block/restrict WebDAV via ZIA

We would like to limit WebDAV to select servers for our ZIA users. As WebDAV is really just HTTP, how best to do this?

Our primary use case is blocking the use of WebDAV for payload delivery using native tools like msbuild.exe. In that specific scenario, we see this signature, but I can’t find a way to limit ZIA traffic based on the useragent.

OPTIONS	302	DavClnt

Could you not just block request method “other” in URL & Cloud App Control to these selected servers?

Just a late-night idea as WebDAV uses http extensions for file operations and WebDAV obviously needs methods LOCK and PROPFIND before GET. So maybe worth a try.