PortEden vs Google Vault
Google Vault is eDiscovery, retention, and legal-hold for Google Workspace — designed for litigation response and compliance archives. PortEden is real-time AI access control: it sits between AI clients (Claude, ChatGPT, Gemini, Copilot) and your live Gmail, Drive, and Calendar data. Most regulated teams need both — Vault to retain history, PortEden to govern what AI can see right now.
- You need real-time control over what AI clients can see in Gmail, Drive, Docs, Sheets, and Calendar.
- You want redaction and per-agent rules at the request boundary, not retention after the fact.
- You use multiple AI vendors — Vault has no concept of an 'AI client.'
- You also need controls on Microsoft 365 data (Outlook, SharePoint, Teams).
- Your only need is eDiscovery, legal hold, and retention policies for Google Workspace.
- You don't have AI clients touching live Workspace data yet, or you accept that they will be unmoderated when they do.
- Your security team's question is 'preserve the past' not 'control the present.'
Side-by-side
| Feature | PortEden | Google Vault |
|---|---|---|
| Plans | ||
| Free tier | ||
| Self-serve signup | Workspace Business+/Enterprise | |
| Enforcement | ||
| Real-time AI request filtering | ||
| Per-AI-client rules | ||
| Inline redaction | ||
| Compliance | ||
| eDiscovery / legal hold | Out of scope | |
| Data lifecycle | ||
| Retention rules | Out of scope | |
| Model coverage | ||
| Works with Claude / ChatGPT / Copilot | ||
| Integrations | ||
| Works with Microsoft 365 data | ||
| Audit | ||
| Per-agent audit log | User audit log | |
How each handles real scenarios
A workspace admin needs to ensure Claude Desktop can't read the CEO's mailbox via a shared Gmail delegate
PortEden's Gmail connector denies delegated mailbox access by sender domain, mailbox alias, and label. Claude Desktop, configured as a remote MCP client, sees the user's own inbox but the delegated mailbox returns a redacted stub.
Vault has no AI client concept. It can produce a forensic record of what was in the mailbox at a point in time, but it does not sit in Claude's request path.
Legal asks 'preserve every email matching <case ID> sent by these 12 custodians for two years'
Out of scope — PortEden does not handle retention or legal hold. Use Vault.
This is Vault's primary purpose: matter-based holds, retention policies, and exportable preservation across Gmail, Drive, Chat, Meet, and Voice.
An AI agent is summarizing customer support tickets pulled from Gmail and accidentally surfaces an HR escalation
Pre-deployed Gmail rule denies access to any thread containing senders from hr@ or recipients in the leadership-team alias. The agent's request returns the rest of the inbox; the HR thread is invisible at the API layer. Audit log shows the deny.
Vault would let you find the leaked summary after the incident is reported and produce the underlying email for a hold. It doesn't prevent the access in the first place.