airlock vs Microsoft Agent 365

Microsoft Agent 365 governs agents inside the Microsoft tenant. airlock governs the AI clients your team already uses, across every vendor. Here is the honest, feature-by-feature breakdown, including where Agent 365 wins.

EU-hosted · AWS Frankfurt
GDPR-aligned · built for the EU AI Act
Live Aikido security badge
OpenAPI-to-MCP in ~60s

How they compare

Scored the same way as the full comparison, airlock's losing rows included. ✓ full · ~ partial · ✕ none · roadmap known but unshipped.

Feature-by-feature comparison of airlock and Microsoft Agent 365.
CapabilityairlockAgent 365
What it is
Coverage & portability
Govern people's AI tools, across vendorsGovern the AI clients people use day to day, across every vendor.Fronts Claude, ChatGPT and Cursor across every vendor, through one connector.Microsoft tools only; browser use of others is endpoint-block at best.
Run autonomous agentsHost and run agents executing on their own, with their own identity.roadmapDoes not run agents yet; agent runtime hosting and identity are on the roadmap. Agent config is governed as objects (see below).Built for agents, with Entra Agent ID.
Overlay, not a destinationSits in front of the tools you already use, instead of being its own app.Sits in front of the tools you already use.A Microsoft platform you adopt.
Governance & security
Policy, approvals & kill switchSet rules, pause risky actions for approval, and disable instantly.Policy, HITL approvals and kill switch, all live.~Kill switch yes; per-action approval unclear.
Skills & agents as governed objectsSkills and agent definitions as reusable, verified building blocks with version history.Skills and agent configs as versioned, signed, portable objects.~Blueprints, but no signing or version history.
Enforce your AI use policyTurn the written AI policy into enforced rules and a required sign-off.Versioned AI use policy; each person signs to continue, access pauses until they do, and flagged actions need approval.~Policy via Purview and Intune, but no AI-use sign-off gate.
Credential vault / agent identityKeys stay server-side; each agent has a governed identity.~Vault is live; Entra SSO and SCIM are roadmap.Entra Agent ID, first-class identity.
Audit log + SIEM exportEvery action recorded and streamable to your security tooling.Every call logged, SIEM-exportable.Purview audit plus Sentinel.
Runtime threat protectionDetect attacks, block injection, cover devices and feed the security team.~Scans tool calls and redacts PII; not full threat detection, device or security-team coverage.~Defender and Prompt Shields within Microsoft.
Shadow-AI discoveryFind unsanctioned AI tools people already use.Sees only what routes through airlock; cannot discover tools that bypass the connector.~Defender and Intune, preview, blind to browser tabs.
Data-leakage / DLPStop sensitive data going into AI tools.~Redaction on tool I/O, not the conversation.Purview DLP; blocks paste into ChatGPT.
Fit & commercial
No-code / non-engineerSet up and run it without engineers.One connector; OpenAPI-to-MCP in 60s.~Needs you to already run Microsoft 365, plus IT admins.
Per-engagement isolationA separate, walled scope per client engagement.roadmapA formal per-engagement project hierarchy is on the roadmap; not yet a productised per-client tenant.~Scopes within one tenant.
Reseller programBuyable and resellable through partners.roadmapReseller program announced; still being built.Sold through Microsoft partners (CSP).
Compliance (EU)
EU data residencyData stored and processed in the EU.EU-hosted · GDPR-aligned, built for the EU AI Act.EU Data Boundary.
EU AI Act tooling / evidenceEvidence and templates for EU AI Act compliance.roadmapLive audit trail; packaged Evidence Pack is roadmap.~A Purview Compliance Manager template; partial, not full Act tooling.
Certifications (SOC 2 / ISO 27001)Third-party security certifications.roadmapNone held yet; ISO 27001 and SOC 2 in progress, with a live Aikido security badge published.Full Microsoft certification set.

Pick the one that fits

Choose airlock

airlock is the better fit if you:

  • Use several AI tools across vendors, not just Microsoft
  • Have no engineering team and want setup in minutes
  • Need to govern Claude, ChatGPT and Cursor, not only Microsoft agents
  • Want EU data residency and transparent, per-user pricing

Choose Microsoft Agent 365

Microsoft Agent 365 is the better fit if you are:

  • All-in on Microsoft 365 and standardising on Copilot
  • Resourced with IT admins to configure and run it
  • Focused on running and identity-managing agents inside the Microsoft tenant
  • After Purview DLP and Microsoft's certification set

What each costs

airlock

Free, then €19 per user per month. Transparent, no prerequisite.

Microsoft Agent 365

$15 per user per month, on top of a Business Premium or E5 prerequisite.

Moving from, or running alongside, Agent 365

The two are not mutually exclusive. Teams on Microsoft 365 often keep Agent 365 for Microsoft-native agents and put airlock in front of the non-Microsoft clients people actually use day to day (Claude, ChatGPT, Cursor). airlock needs no migration: point the clients at one connector and set policy server-side.

Common questions

Does Microsoft Agent 365 govern Claude or ChatGPT?
Mostly no. It governs Microsoft agents and anything with an Entra Agent ID. A person using Claude or ChatGPT in the browser is a blind spot it can block at the endpoint but not natively govern. airlock fronts those clients directly.
airlock vs Microsoft Agent 365: which should you choose?
Choose Microsoft Agent 365 if you already run Microsoft 365 and want to govern agents inside that stack. Choose airlock if you need vendor-neutral governance across Claude, ChatGPT, Cursor and Copilot, set up without engineers, with EU data residency.
What does each cost?
airlock is Free, then €19 per user per month, transparent. Microsoft Agent 365 is $15 per user per month on top of a Business Premium or E5 prerequisite.
Where does Microsoft Agent 365 win?
On running agents and agent identity (Entra Agent ID), on Purview DLP, and on Microsoft's certification set. airlock does not compete on those inside the Microsoft tenant; it governs the wider, cross-vendor mix.
How long does airlock take to set up?
One connector, no engineers. You can bring an OpenAPI tool to a governed MCP server in about 60 seconds and set policy server-side from there.
Is airlock EU-hosted?
Yes. airlock runs on AWS Frankfurt, is GDPR-aligned and built for the EU AI Act, with a full audit trail by default.

Govern the AI tools your team already uses.

Link any tool once, reuse everywhere, audit forever. One layer over every MCP-compatible client, set up without engineers.

EU-hosted · GDPR-aligned
Built for the EU AI Act