airlock vs Microsoft Agent 365
Microsoft Agent 365 governs agents inside the Microsoft tenant. airlock governs the AI clients your team already uses, across every vendor. Here is the honest, feature-by-feature breakdown, including where Agent 365 wins.
How they compare
Scored the same way as the full comparison, airlock's losing rows included. ✓ full · ~ partial · ✕ none · roadmap known but unshipped.
| Capability | airlock | Agent 365 |
|---|---|---|
| What it is | ||
| Coverage & portability | ||
| Govern people's AI tools, across vendorsGovern the AI clients people use day to day, across every vendor. | ✓Fronts Claude, ChatGPT and Cursor across every vendor, through one connector. | ✕Microsoft tools only; browser use of others is endpoint-block at best. |
| Run autonomous agentsHost and run agents executing on their own, with their own identity. | roadmapDoes not run agents yet; agent runtime hosting and identity are on the roadmap. Agent config is governed as objects (see below). | ✓Built for agents, with Entra Agent ID. |
| Overlay, not a destinationSits in front of the tools you already use, instead of being its own app. | ✓Sits in front of the tools you already use. | ✕A Microsoft platform you adopt. |
| Governance & security | ||
| Policy, approvals & kill switchSet rules, pause risky actions for approval, and disable instantly. | ✓Policy, HITL approvals and kill switch, all live. | ~Kill switch yes; per-action approval unclear. |
| Skills & agents as governed objectsSkills and agent definitions as reusable, verified building blocks with version history. | ✓Skills and agent configs as versioned, signed, portable objects. | ~Blueprints, but no signing or version history. |
| Enforce your AI use policyTurn the written AI policy into enforced rules and a required sign-off. | ✓Versioned AI use policy; each person signs to continue, access pauses until they do, and flagged actions need approval. | ~Policy via Purview and Intune, but no AI-use sign-off gate. |
| Credential vault / agent identityKeys stay server-side; each agent has a governed identity. | ~Vault is live; Entra SSO and SCIM are roadmap. | ✓Entra Agent ID, first-class identity. |
| Audit log + SIEM exportEvery action recorded and streamable to your security tooling. | ✓Every call logged, SIEM-exportable. | ✓Purview audit plus Sentinel. |
| Runtime threat protectionDetect attacks, block injection, cover devices and feed the security team. | ~Scans tool calls and redacts PII; not full threat detection, device or security-team coverage. | ~Defender and Prompt Shields within Microsoft. |
| Shadow-AI discoveryFind unsanctioned AI tools people already use. | ✕Sees only what routes through airlock; cannot discover tools that bypass the connector. | ~Defender and Intune, preview, blind to browser tabs. |
| Data-leakage / DLPStop sensitive data going into AI tools. | ~Redaction on tool I/O, not the conversation. | ✓Purview DLP; blocks paste into ChatGPT. |
| Fit & commercial | ||
| No-code / non-engineerSet up and run it without engineers. | ✓One connector; OpenAPI-to-MCP in 60s. | ~Needs you to already run Microsoft 365, plus IT admins. |
| Per-engagement isolationA separate, walled scope per client engagement. | roadmapA formal per-engagement project hierarchy is on the roadmap; not yet a productised per-client tenant. | ~Scopes within one tenant. |
| Reseller programBuyable and resellable through partners. | roadmapReseller program announced; still being built. | ✓Sold through Microsoft partners (CSP). |
| Compliance (EU) | ||
| EU data residencyData stored and processed in the EU. | ✓EU-hosted · GDPR-aligned, built for the EU AI Act. | ✓EU Data Boundary. |
| EU AI Act tooling / evidenceEvidence and templates for EU AI Act compliance. | roadmapLive audit trail; packaged Evidence Pack is roadmap. | ~A Purview Compliance Manager template; partial, not full Act tooling. |
| Certifications (SOC 2 / ISO 27001)Third-party security certifications. | roadmapNone held yet; ISO 27001 and SOC 2 in progress, with a live Aikido security badge published. | ✓Full Microsoft certification set. |
Pick the one that fits
Choose airlock
airlock is the better fit if you:
- Use several AI tools across vendors, not just Microsoft
- Have no engineering team and want setup in minutes
- Need to govern Claude, ChatGPT and Cursor, not only Microsoft agents
- Want EU data residency and transparent, per-user pricing
Choose Microsoft Agent 365
Microsoft Agent 365 is the better fit if you are:
- All-in on Microsoft 365 and standardising on Copilot
- Resourced with IT admins to configure and run it
- Focused on running and identity-managing agents inside the Microsoft tenant
- After Purview DLP and Microsoft's certification set
What each costs
Free, then €19 per user per month. Transparent, no prerequisite.
$15 per user per month, on top of a Business Premium or E5 prerequisite.
Moving from, or running alongside, Agent 365
The two are not mutually exclusive. Teams on Microsoft 365 often keep Agent 365 for Microsoft-native agents and put airlock in front of the non-Microsoft clients people actually use day to day (Claude, ChatGPT, Cursor). airlock needs no migration: point the clients at one connector and set policy server-side.
Common questions
Does Microsoft Agent 365 govern Claude or ChatGPT?
airlock vs Microsoft Agent 365: which should you choose?
What does each cost?
Where does Microsoft Agent 365 win?
How long does airlock take to set up?
Is airlock EU-hosted?
Govern the AI tools your team already uses.
Link any tool once, reuse everywhere, audit forever. One layer over every MCP-compatible client, set up without engineers.