NewCore emerged from stealth on Monday with $66 million in funding and a security platform built around a problem that is moving from AI demos into enterprise operations: companies are starting to give AI agents access to internal systems, but most identity stacks were not designed for software workers that can act semi-autonomously.
The Tel Aviv and San Francisco startup announced a platform for managing human, machine, and AI-agent identities in one architecture, backed by Cyberstarts, Index Ventures, and Evolution Equity Partners. NewCore said the product is available to enterprise customers now and will be shown this week at Identiverse in Las Vegas, which runs June 15-18, 2026.
The funding is notable, but the more important signal is architectural. AI agents that approve tickets, write code, query customer systems, open pull requests, or trigger deployment workflows need permissions. If those permissions are borrowed from a human account, hidden in a shared API key, or wrapped in a long-lived service credential, security teams lose the basic controls they rely on: who acted, what they could reach, how that access was approved, and how quickly it can be revoked.
Why agent identity is becoming a real security problem
Traditional identity and access management systems grew up around people, applications, and service accounts. AI agents blur those lines. An agent might be launched by an employee, operate through a coding assistant, call internal tools, read documents, summarize customer records, or write changes into production-adjacent systems. It may need narrow access for minutes, broader access during a supervised task, and no access at all once the task is done.
That makes agent identity different from ordinary automation. A cron job or backend service usually has a defined purpose and stable permission set. A general-purpose agent can change tools, goals, and context during a workflow. Without separate identity controls, companies may end up treating agents as extensions of whichever person or service account happened to start them.
TechCrunch reported that NewCore values the company at $300 million after investment and that its platform is being used by fewer than 10 customers with more than 10 design partners. The company’s founders are CEO Zohar Alon, who previously founded Dome9 before its acquisition by Check Point; CTO Amihai Neiderman, founder of Nym Health and a former Unit 8200 research leader; and CCO Erez Yarkoni, a former CIO at T-Mobile USA and Telstra.
What NewCore is trying to change
NewCore’s core claim is that agents should be first-class identities rather than disguised service accounts. That means separate lifecycle management, permission boundaries, trust signals, approval records, and revocation paths. The company is also positioning its platform around split-key architecture, phishing-resistant multifactor authentication, and controls meant to reduce single points of compromise in identity infrastructure.
SiliconANGLE’s coverage points to several technical hooks: Secure SplitKeys intended to reduce risks around SAML signing infrastructure, protection against session theft and token replay, hardware-bound user credentials, and an Agentic Skill package for coding tools including Claude Code, Cursor, and Codex. The goal is to let AI coding assistants authenticate as managed identities inside an enterprise trust map instead of relying on manually distributed credentials.
That last detail matters because coding agents are one of the first places the identity issue becomes visible. A developer-facing agent may need to inspect repositories, call CI systems, open browser sessions, interact with cloud consoles, read logs, and propose changes. Each action creates a permissions question. Did the agent act under the developer’s identity, a shared automation identity, or a distinct agent identity with its own policy?
The Microsoft and Okta comparison
NewCore is entering a market where incumbents already have deep enterprise relationships. Microsoft Entra, Okta, CyberArk, SailPoint, and other identity vendors are all under pressure to adapt as companies deploy more nonhuman identities. The question is whether AI-agent support becomes a feature inside existing IAM suites or a reason for buyers to consider new identity infrastructure.
That is the competitive opening NewCore is trying to claim. Calcalist reported that the company raised a $16 million pre-seed round followed by an expanded seed round, and that Alon wants NewCore to compete directly with Microsoft and Okta rather than become a quick acquisition target. The company has more than 50 employees across Israel and the United States.
For customers, the useful test is not whether a vendor uses agentic language. It is whether the system can answer operational questions: which agent performed this action, who approved its access, what data and tools could it reach, what policy limited it, what session evidence exists, and what happens when the workflow is over or the agent behaves unexpectedly?
What enterprises should check before giving agents access
The NewCore launch arrives as enterprises are moving from experiments toward production agent workflows. Even companies that do not buy a dedicated agent-identity platform need to decide how they will separate agent access from human access, especially in coding, finance, customer support, IT operations, security operations, and data analysis.
A practical starting point is inventory. Security and platform teams should identify where agents already touch internal systems, which credentials they use, which tools they can call, and whether logs distinguish agent actions from human actions. The next step is containment: short-lived credentials, least-privilege scopes, human approval for sensitive actions, clear rollback paths, and automatic revocation when a workflow ends.
Agents also need policy that matches the risk of the task. An assistant summarizing public documentation does not need the same identity treatment as an agent that can modify infrastructure, deploy code, send customer communications, or query regulated data. The higher the impact, the more important it becomes to bind the agent to a named workflow, a responsible human owner, a time limit, and a reviewable audit trail.
NewCore’s launch does not prove that a separate agent-identity category will replace existing IAM platforms. It does show that identity is becoming one of the first hard infrastructure questions in enterprise AI. Companies can experiment with agents quickly. Letting them operate safely across real systems will require slower, more deliberate work: credentials, policy, monitoring, revocation, and accountability.
