NewCore has $66 million and a $300 million valuation for identity software that gives AI agents permissions, owners, and offboarding. The pitch fits an enterprise shift: teams want agents to do work, and security leaders want one place to grant and revoke access.
NewCore launched from stealth Monday with $66 million in seed funding for a security bet that more companies now face: AI agents need the same identity discipline as employees.
Cyberstarts led the round, with Index Ventures and Evolution Equity Partners also investing. Investors valued NewCore at $300 million after the investment.
The company wants security teams to manage human workers, machine accounts and AI agents in one identity system. NewCore says agents need their own permissions, lifecycle controls and revocation paths because they can take action across codebases, cloud systems and business apps.
Zohar Alon, NewCore's co-founder and CEO, has built in security before. He founded Dome9, which Check Point acquired. He started NewCore with Chief Technology Officer Amihai Neiderman, a former Unit 8200 research leader and Nym Health founder, and Chief Commercial Officer Erez Yarkoni, a former chief information officer at T-Mobile USA and Telstra.
The timing explains the size of the round. Enterprises have spent the past year moving AI agents from experiments into workflows. Goldman Sachs tested Devin as a coding agent employee last year. McKinsey said this year that 25,000 AI agents work with its 60,000 employees.
Those examples put pressure on an old part of the security stack. Identity systems such as Okta and Microsoft Entra grew around human employees, contractors and service accounts. AI agents blur those categories. They can write code, query systems, file tickets and call APIs, often through credentials that an employee created for convenience.
NewCore wants companies to stop treating agents as scripts with borrowed keys. Its platform gives each agent a managed identity, assigns permissions and lets employees review or revoke access from a mobile app. The company also offers an Agentic Skill integration package for coding tools such as Claude Code, OpenAI Codex and Cursor, so those tools can access enterprise systems through governed identities.
NewCore also uses a split-key architecture. The company says it divides critical identity credentials between the customer and the platform, which reduces the damage from one compromised system. Security buyers will ask for proof in production environments because identity vendors sell trust before they sell features.
The counterargument comes from the incumbents. Okta, Microsoft and other identity providers have strong enterprise distribution, existing admin workflows and years of integration work. They can add agent controls to products customers use now. A chief information security officer may prefer a familiar vendor over a startup, even if the startup built around agents from day one.
Alon argues that legacy identity platforms carry too much old architecture into a new workload. His case rests on scale and complexity. A company that deploys thousands of agents needs owners, approval chains, audit trails and access expiration for software workers that may spin up for one task and disappear after a sprint.
Developers have made that problem urgent. Coding agents can touch source code, secrets, cloud consoles and issue trackers in a single session. A team that manages those agents through shared tokens creates the same audit problem that security teams spent years trying to remove from service accounts.
NewCore remains early. The company has more than 50 employees across the U.S. and Israel, fewer than 10 customers and more than 10 design partners. Alon said NewCore expects to start charging customers this summer.
The adoption signal looks strong, but the market still needs clearer buying behavior. Security leaders may agree that agent identity matters and still delay another identity migration. They may ask existing vendors to extend current systems, or they may build lightweight internal controls until agents handle sensitive work at volume.
NewCore's strongest opening sits with teams that use agents inside software development and operations. Those teams feel the credential problem first because agents need repository access, CI permissions, cloud access and ticketing rights. A product that gives them short-lived access, named owners and clean revocation could move from security review to daily use.
The broader question for buyers concerns accountability. A human employee can explain a decision, lose access after leaving and face a manager. An AI agent needs a chain of responsibility that security teams can inspect after an incident. NewCore wants to supply that chain before companies discover that their fastest new workers share passwords.
Comments
Please log in or register to join the discussion