airlock vs open-source MCP gateways

Self-hosted open-source MCP gateways are vendor-neutral, free and extensible, if you have engineers to run them. airlock delivers the same governance as a managed, no-code service. This is the build-versus-buy call.

EU-hosted · AWS Frankfurt
GDPR-aligned · built for the EU AI Act
Live Aikido security badge
OpenAPI-to-MCP in ~60s

How they compare

Scored the same way as the full comparison, including the rows airlock loses. Legend: ✓ full · ~ partial · ✕ none · roadmap = known but unshipped.

Feature-by-feature comparison of airlock and open-source MCP gateways. Each row gives the capability, what it means, then the airlock and self-host / OSS scores.

Coverage & portability

Govern people's AI tools, across vendors
  What it is: Govern the AI clients people use day to day, across every vendor.
  airlock: Fronts Claude, ChatGPT and Cursor across every vendor, through one connector.
  Self-host / OSS: Vendor-neutral; brokers any client and any server.

Run autonomous agents
  What it is: Host and run agents executing on their own, with their own identity.
  airlock: roadmap. Does not run agents yet; agent runtime hosting and identity are on the roadmap. Agent config is governed as objects (see below).
  Self-host / OSS: ~ Runs agents via the gateway; identity varies by project.

Overlay, not a destination
  What it is: Sits in front of the tools you already use, instead of being its own app.
  airlock: Sits in front of the tools you already use.
  Self-host / OSS: A gateway overlay in front of your tools.

Governance & security

Policy, approvals & kill switch
  What it is: Set rules, pause risky actions for approval, and disable instantly.
  airlock: Policy, HITL approvals and kill switch, all live.
  Self-host / OSS: ~ Per-tool RBAC and revoke; approvals vary.

Skills & agents as governed objects
  What it is: Skills and agent definitions as reusable, verified building blocks with version history.
  airlock: Skills and agent configs as versioned, signed, portable objects.
  Self-host / OSS: ~ Catalog objects, but rarely versioned or portable.

Enforce your AI use policy
  What it is: Turn the written AI policy into enforced rules and a required sign-off.
  airlock: Versioned AI use policy; each person signs to continue, access pauses until they do, and flagged actions need approval.
  Self-host / OSS: No policy management.

Credential vault / agent identity
  What it is: Keys stay server-side; each agent has a governed identity.
  airlock: ~ Vault is live; Entra SSO and SCIM are roadmap.
  Self-host / OSS: Mature open-source vaults (HashiCorp Vault, OpenBao) and identity (Keycloak, SPIFFE) cover this, self-wired.

Audit log + SIEM export
  What it is: Every action recorded and streamable to your security tooling.
  airlock: Every call logged, SIEM-exportable.
  Self-host / OSS: Per-call audit, exportable to open-source SIEM (Elastic, Wazuh, Graylog).

Runtime threat protection
  What it is: Detect attacks, block injection, cover devices and feed the security team.
  airlock: ~ Scans tool calls and redacts PII; not full threat detection, device or security-team coverage.
  Self-host / OSS: ~ Open-source guardrails (LLM Guard, NeMo Guardrails, Garak) block injection; no device or security-team coverage.

Shadow-AI discovery
  What it is: Find unsanctioned AI tools people already use.
  airlock: Sees only what routes through airlock; cannot discover tools that bypass the connector.
  Self-host / OSS: Governs registered servers; no active discovery.

Data-leakage / DLP
  What it is: Stop sensitive data going into AI tools.
  airlock: ~ Redaction on tool I/O, not the conversation.
  Self-host / OSS: Open-source PII/DLP (Microsoft Presidio, LLM Guard) filters tool I/O.

Fit & commercial

No-code / non-engineer
  What it is: Set up and run it without engineers.
  airlock: One connector; OpenAPI-to-MCP in 60s.
  Self-host / OSS: Docker and Kubernetes; you run and maintain it.

Per-engagement isolation
  What it is: A separate, walled scope per client engagement.
  airlock: roadmap. A formal per-engagement project hierarchy is on the roadmap; not yet a productised per-client tenant.
  Self-host / OSS: ~ Possible by running an instance per client, but DIY.

Reseller program
  What it is: Buyable and resellable through partners.
  airlock: roadmap. Reseller program announced; still being built.
  Self-host / OSS: ? No standard reseller program.

Compliance (EU)

EU data residency
  What it is: Data stored and processed in the EU.
  airlock: EU-hosted · GDPR-aligned, built for the EU AI Act.
  Self-host / OSS: Self-host anywhere, including the EU, but you run it.

EU AI Act tooling / evidence
  What it is: Evidence and templates for EU AI Act compliance.
  airlock: roadmap. Live audit trail; packaged Evidence Pack is roadmap.
  Self-host / OSS: No EU AI Act tooling out of the box.

Certifications (SOC 2 / ISO 27001)
  What it is: Third-party security certifications.
  airlock: roadmap. None held yet; ISO 27001 and SOC 2 in progress, with a live Aikido security badge published.
  Self-host / OSS: No certifications; it is your deployment to certify.

Pick the one that fits

Choose airlock

airlock is the better fit if you:

  • Want the same vendor-neutral control without the ops burden
  • Have no engineering team, or would rather not spend it on plumbing
  • Need audit, approvals and a kill switch out of the box
  • Want EU hosting and a managed path to certifications

Choose open-source MCP gateways

A self-hosted open-source gateway is the better fit if you:

  • Have an engineering team that wants full control and extensibility
  • Want no licence cost and are happy to pay in hosting and ops
  • Can run, secure, monitor and certify the deployment yourself
  • Prefer to self-wire identity, vaults, DLP and SIEM

What each costs

airlock

Free, then €19 per user per month, with hosting, security and audit included.

open-source MCP gateways

The software is free; you pay in hosting, maintenance and engineering time.

Build versus buy

Open-source gateways and airlock play the same vendor-neutral broker role. The difference is who runs it. With open-source, deployment, maintenance, security, audit export and certifications are yours to build and own. airlock delivers the same governance as a managed service, so the cost moves off your engineers. Teams often prototype on open-source, then move to airlock when the ops and compliance burden outweighs the licence saving.

Common questions

Is an open-source or self-hosted MCP gateway good enough?
It can be, if you have engineers. Open-source gateways are vendor-neutral, free and fully extensible, and self-hosting keeps data in the EU. The cost moves into your team: deployment, maintenance, security, audit export and certifications are all yours to build and own. airlock delivers the same governance as a managed, no-code service.
Where does open-source win?
On licence cost (the software is free), on full control and extensibility, and on mature self-hosted identity and vaults if you wire them up. The trade is that you run, secure and certify everything yourself.
Does airlock use open-source under the hood?
airlock plays the same vendor-neutral broker role as open-source MCP gateways, but as a managed service with identity, a credential vault, audit and approvals built in, EU-hosted, so you do not run or certify the infrastructure yourself.
What does each cost?
Open-source software is free; you pay in hosting and engineering time. airlock is free, then €19 per user per month, with hosting, security and audit included.
How fast is airlock to set up versus self-hosting?
airlock needs no infrastructure: one connector, OpenAPI-to-MCP in about 60 seconds. Self-hosting means standing up and maintaining Docker or Kubernetes, identity, vaults and SIEM yourself.
Is airlock EU-hosted?
Yes. airlock runs on AWS Frankfurt, is GDPR-aligned and built for the EU AI Act, with a full audit trail by default.

Govern the AI tools your team already uses.

Link any tool once, reuse everywhere, audit forever. One layer over every MCP-compatible client, set up without engineers.
