Skip to content

Regulus

Where Google ADK ends, regulated builds begin.

Google ADK ships AI agents. Regulus ships AI agents your regulator accepts.


60s · 5min · 15min

60s   regulus init my-agent --profiles=eu-ai-act,uk-gdpr,fca-sysc
                            --frameworks=nist-ai-rmf,iso-42001

5min  cd my-agent && gradle wrapper && ./gradlew bootRun

15min hit /chat → see policy + privacy + audit + GRC envelope

Install the CLI to make this real.

Why Regulus for the full story.

Show me — the diff for the audit-event proof.


Choose your path

You are… Start here
An engineer new to Regulus Why RegulusShow meInstall the CLI
A security architect / enterprise IT Security modelSecurity architectureProduction hardening
A governance leader (CISO / CAIO / CRO / 2L / 3L) Governance overviewThree Lines of DefenceGRC integration
Preparing for ISO 42001 certification ISO/IEC 42001Audit walkthroughProgram operating model
New to regulatory vocabulary What is regtech?What is AI governance?Glossary

What Regulus is — and isn't

Is: A BasePlugin suite + service extensions + compliance profiles + governance frameworks + GRC adapters for ADK 1.x. Pure Java; Spring Boot starter optional. Distributes via Maven Central, Gradle Plugin Portal, and a single-binary CLI.

Isn't: A replacement for ADK, a no-code agent builder, an LLM provider, a legal opinion, or a substitute for your DPO / SMF holder / clinical safety officer.

What it costs you not to use Regulus

A rough table for a senior backend engineer with no prior regtech, no existing tooling. The point isn't the precision — it's the visibility of the unbuilt cost.

Control Build it yourself Regulus
Enterprise SSO → policy/audit identity model ~5 engineer-weeks IdentityAdapter SPI + OIDC adapter
PII redaction + tests + audit ~3 engineer-weeks One plugin
Dual-control kill switch (Identity-gated) ~4 engineer-weeks One plugin + KillSwitchAuthorizer
Audit pipeline + retention + erasure ~6 engineer-weeks One plugin + compactor
Tamper-evident audit chain + offline verifier ~3 engineer-weeks Opt-in flag + regulus audit verify
Cross-org A2A request signing (RFC 9421) ~4 engineer-weeks A2ARequestSigner SPI
Residency proof + fail-closed startup ~2 engineer-weeks One plugin
EU AI Act Annex III classification ~5 engineer-weeks One plugin
NIST AI RMF / 600-1 control mapping ~6 program-weeks One framework binding
ISO 42001 Statement of Applicability ~3 program-weeks per cycle Generated artefact
GRC tool integration (any one vendor) ~4-8 engineer-weeks One adapter

Full breakdown at Compliance → Time saved.