AI agents are moving from experimental helpers to active participants in enterprise work, and a new cybersecurity startup is betting that the next major infrastructure problem will be identity. NewCore, a company emerging from stealth on Monday, said it has raised $66 million to help organizations authenticate, govern and revoke access for AI agents as they are deployed more widely across corporate systems.
The round was led by Cyberstarts, with participation from Index Ventures and Evolution Equity Partners. NewCore said the financing values the startup at $300 million after investment, underscoring investor confidence that identity management for autonomous software could become a major category in enterprise security.
The company’s pitch is straightforward: if AI agents are going to operate like digital employees, then they need to be managed like digital employees. That means not just giving them credentials, but assigning them identities, permissions, oversight and revocation controls that work across the entire lifecycle of their use inside a company.
That idea is arriving at a moment when large organizations are already experimenting with AI workers in ways that blur the line between software and staff. Goldman Sachs last year tested the AI coding agent Devin as a kind of new hire. Earlier this year, McKinsey said it had 25,000 AI agents operating alongside 60,000 human employees. For NewCore, those examples are early signals of a much larger shift.
Why identity is becoming the next AI security battleground
Enterprise cybersecurity has long revolved around the question of who or what is allowed to access sensitive systems. In the age of cloud computing, that meant protecting user accounts, service accounts and machine credentials. NewCore argues AI agents now add a new and more complicated layer: software entities that can make decisions, take actions and interact with internal systems at scale, often with access that changes from task to task.
Chief executive Zohar Alon, who previously founded cloud security company Dome9 before it was acquired by Check Point, said the rise of agentic software convinced him that existing identity tools were not built for this kind of environment.
Alon said the scale and complexity introduced by AI agents will put serious strain on identity platforms that are 15 to 20 years old, arguing that those systems were not designed for a world where human employees and software workers share the same digital workplace.
In practical terms, that means companies may soon need to grant, monitor and revoke access for thousands of non-human workers just as carefully as they do for people. NewCore believes the companies that get ahead of that shift will be better positioned to deploy AI safely, while those that do not may face new security risks and governance gaps.
A team built for security, systems and enterprise operations
NewCore’s founding team combines experience in cybersecurity, advanced research and large-scale enterprise technology. Alon co-founded the company with Amihai Neiderman, now the startup’s chief technology officer, and Erez Yarkoni, the chief revenue officer.
Neiderman previously led research at Unit 8200, the elite Israeli military intelligence unit, and later founded healthcare AI company Nym Health. Yarkoni brings a long track record in enterprise operations, having served as CIO of T-Mobile USA and Telstra. The company says that mix of backgrounds helps it address both the technical and operational sides of identity management.
NewCore has more than 50 employees across the U.S. and Israel, a notable headcount for a company that has only recently emerged from stealth. The startup also says it is already working with fewer than 10 customers and has more than 10 design partners. It plans to start charging customers this summer.
How NewCore says it differs from incumbent identity providers
Big identity vendors have not ignored the rise of AI agents. Okta and Microsoft’s Entra, among others, have begun adding features aimed at agent-based access and governance. But NewCore argues that those additions are incremental, not foundational.
According to Alon, the difference comes down to architecture. Existing products were built around the assumption that the core identity in an organization is a human employee. NewCore says it was designed from day one for a mixed environment where humans, machines and AI agents coexist.
Alon said traditional identity platforms may offer “agentic” functionality as an add-on, but that the capability is bolted on rather than deeply integrated into the system.
That distinction matters, he said, because AI agents are not simply another type of software account. They may need temporary access to source code, internal databases, support systems, finance tools or security infrastructure, often with permissions that should be narrow, time-bound and auditable.
NewCore’s approach centers on what it calls “first-class identities” for AI agents. In the company’s model, a bot or coding assistant is not treated as a disposable credential or generic service account. Instead, it receives its own identity, lifecycle rules, permissions and revocation logic.
The split-key model
One of NewCore’s technical differentiators is a “split-key” architecture, in which critical identity credentials are divided between the customer and the platform. The company says this design is intended to reduce the risk of a single point of compromise.
That kind of system is especially relevant in a world where AI agents may be allowed to act autonomously. If one set of credentials can unlock broad access across a business, a compromise could be especially damaging. By separating key material, NewCore aims to make it harder for attackers to gain total control through one breach.
Managing AI access from the employee side
The startup also offers an “Agentic Skill” integration package for coding tools such as Anthropic’s Claude Code, OpenAI’s Codex and Cursor. The goal is to let those tools connect to enterprise systems as managed identities rather than through manually shared passwords or ad hoc credentials.
NewCore says employees can use its mobile app to approve, review and revoke access for AI agents. That creates a layer of human oversight around systems that may otherwise operate with increasing autonomy. In effect, the company wants managers and employees to supervise AI workers in the same way they supervise human access requests, except with more automation and tighter controls.
From a budget review to a market thesis
The origin story for NewCore began in a much less dramatic setting: a technology budget review in 2023. Alon said he was helping assess the spend of a company using a long-established identity provider when he saw how large the bill was. He assumed the customer must be highly satisfied with the product.
When he asked whether the customer was happy with the vendor, Alon recalled being told the opposite — that the company was not pleased despite the size of the contract.
That exchange, he said, reinforced the idea that identity was a massive but relatively stagnant market. The major providers had scale and brand recognition, but competition was limited and many customers still felt underserved. NewCore is now trying to enter that market at a moment when the stakes are rising rapidly because of AI.
The startup’s thesis is that identity management, once a back-office security function, is becoming central to whether enterprises can safely adopt AI at all. If companies cannot tell exactly what an agent is, what it can do and when it should lose access, they may hesitate to let those systems near critical workloads.
Why the workforce analogy matters
One of NewCore’s more striking arguments is that AI agents should be viewed less like software utilities and more like members of the workforce. That language may sound provocative, but it reflects a real operational shift inside many companies.
In practice, AI agents can already write code, summarize documents, triage support tickets, prepare reports and trigger workflows across internal tools. As their capabilities improve, the number of agents deployed inside a company could grow quickly, especially in technical organizations seeking to automate repetitive work.
Alon said he expects AI agents to outnumber human workers at many technology companies within a few years. That forecast is still speculative, but it aligns with a broader industry conversation about whether digital workers will become a structural part of enterprise staffing.
That view has also surfaced outside the startup world. TCS chairman N. Chandrasekaran recently suggested that AI agents could eventually grow to a scale comparable to the Indian IT company’s own workforce. Taken together, those comments suggest business leaders are beginning to think of AI not merely as a productivity tool, but as a labor force that will need governance.
What companies will need to manage as agent adoption grows
If AI agents become routine inside organizations, security teams will need to answer questions that do not fit neatly into older IAM frameworks. Those questions include who approved the agent, what systems it can reach, whether its permissions are still necessary, and how access is revoked when the task is complete.
Companies will also need to know whether an agent is acting on behalf of one employee, one department or one application. They may want to review what the agent did, whether it used the right credentials and whether its actions were within policy. In highly regulated industries, those controls could become essential.
Below is a summary of the core issues NewCore is targeting:
- Authentication: proving that an AI agent is legitimate before allowing access.
- Authorization: limiting what the agent can do once inside enterprise systems.
- Lifecycle control: creating, updating and retiring AI identities as tasks change.
- Revocation: removing access quickly if behavior becomes risky or unnecessary.
- Oversight: giving employees a way to approve and audit agent activity.
Key facts at a glance
| Item | Details |
|---|---|
| Company | NewCore |
| Launch status | Emerging from stealth |
| Funding raised | $66 million |
| Post-money valuation | $300 million |
| Lead investor | Cyberstarts |
| Other investors | Index Ventures, Evolution Equity Partners |
| Founders | Zohar Alon, Amihai Neiderman, Erez Yarkoni |
| Employees | More than 50 |
| Customers | Fewer than 10 |
| Design partners | More than 10 |
| Planned billing start | Summer 2026 |
Timeline of NewCore’s rise
| Time period | Development |
|---|---|
| 2023 | Alon says the idea begins to take shape during a technology budget review. |
| 2024 | AI agents become more visible in enterprise conversations, including at large companies testing them internally. |
| Early 2026 | McKinsey says 25,000 AI agents are already working alongside 60,000 employees. |
| June 2026 | NewCore emerges from stealth with $66 million in funding. |
| Summer 2026 | The company expects to begin charging customers. |
The market opportunity and the risks ahead
Identity is already a large enterprise software market, but the AI era may expand it in new directions. If organizations deploy thousands of agents, they will need tools that can keep pace with rapid change while preserving security and compliance. That could create a significant opening for startups that are purpose-built for agent governance.
At the same time, NewCore will face a crowded and well-resourced field. Incumbents such as Okta and Microsoft already own deep relationships with enterprise buyers, and they are moving to address the same problem. NewCore’s success will likely depend on whether customers believe a new architecture is necessary, rather than a feature update from an existing vendor.
There is also an open question about whether companies are ready to treat AI agents as entities with identities of their own. Some may still see them as extensions of the tools and users that deploy them. Others may prefer a dedicated system if it can reduce risk and simplify oversight. The answer may vary by industry, company size and the sensitivity of the systems involved.
Why investors are paying attention now
Cybersecurity investors have long favored categories that become unavoidable once a new technology reaches scale. Identity management often fits that mold: when every user, device or workload needs access, security budgets tend to follow. AI agents may create a similar dynamic if they become common across enterprises.
That is one reason the funding round matters beyond NewCore itself. A $66 million raise, especially at a $300 million valuation, suggests the market is already willing to price in a future where agent identity is not optional.
For investors, the attraction is not only the growth of AI agents but the possibility that a new layer of control will be needed underneath them. Whoever owns that layer could become an important gatekeeper in enterprise AI deployment.
What happens next
NewCore says it is still early in its commercial rollout, with a small but growing set of customers and design partners. The company’s near-term focus will likely be turning technical interest into production deployments and proving that its identity model works at enterprise scale.
Its broader test will be whether security teams agree with its central premise: that AI agents are not just tools, but operational actors that need their own guardrails. If that view gains traction, identity could become one of the first major enterprise systems to be redesigned around AI.
For now, NewCore is making a bold bet that many organizations will soon need a way to know not just who is logging in, but which AI agent is acting, on whose behalf, with what authority and under what limits.
As Alon sees it, that future is not hypothetical. It is already beginning to arrive.
“It’s inevitable,” Alon said of AI agents becoming a major part of the workforce, framing the remaining question as whether companies will put the right guardrails in place soon enough.
