What does NewCore do?

NewCore says it has built a security-first identity platform to discover, secure, and govern human users, machine identities, and AI agents across enterprise environments.

How much funding did NewCore raise?

NewCore emerged from stealth with $66 million in seed funding.

Who invested in NewCore’s seed round?

The seed round came from Cyberstarts, Index Ventures, and Evolution Equity Partners.

NewCore was founded by Zohar Alon, Amihai Neiderman, and Erez Yarkoni.

Why is NewCore focused on AI agents?

NewCore is framing AI agents as first-class enterprise identities that need permissions, tracking, governance, and revocation rather than being hidden inside shared credentials or service accounts.

$66M Bet Throws NewCore Into AI Identity Security Fight

The Israeli cybersecurity startup emerged from stealth with $66 million in seed funding from Cyberstarts, Index Ventures, and Evolution Equity Partners, according to SecurityWeek. NewCore says it has built a security-first identity platform designed for human users, machine identities, and agentic identities across enterprise environments.

NewCore exits stealth with $66 million for identity security across three identity classes

NewCore was founded by Zohar Alon, CEO, Amihai Neiderman, CTO, and Erez Yarkoni, CRO. SecurityWeek describes the Tel Aviv-based company as founded by cybersecurity veterans and Israeli intelligence alumni.

The pitch is direct: identity systems built mainly around employee access now have to handle service accounts, machine credentials, and AI agents that may act across production systems. NewCore says its platform discovers, secures, and governs those identities across an organization’s environments.

“Identity is broken, but it has become the control plane of the modern enterprise. We not only built NewCore for the workforce that actually exists today, one of humans, machines, and agents, but we built it security-first from day one. The goal isn’t just to manage identity better. It’s to remove categories of risk that the industry and our customers have lived with for too long,” Alon said.

The company’s core technical claim centers on Secure Split Key, or SSK, which NewCore says is built to reduce risks around SAML signing infrastructure. The company says SSK targets attack classes including adversary-in-the-middle session theft, Golden SAML, and token replay, a risk highlighted by the $1.9B phishing empire.

NewCore also says the platform includes an integration package for leading agents, including Claude Code, Codex, and Cursor. Those integrations matter because coding agents often need access to repositories, development tools, cloud resources, and internal workflows.

TechCrunch reported that the round values NewCore at $300 million after investment, and that the company has grown to more than 50 employees across the U.S. and Israel. TechCrunch also reported that the platform is being used by fewer than 10 customers and more than 10 design partners, with the startup expecting to begin charging customers this summer.

NewCore’s timing is the point. Its NewCore identity platform is not being sold as another login layer for employees. The startup is framing identity as the place where AI adoption becomes an enterprise security problem.

AI agents, in this context, means software systems that can act with some autonomy inside business tools. That can include coding assistants or agents that interact with enterprise systems. The security challenge is not whether those tools are useful. It is whether companies can assign them permissions, track their actions, revoke their access, and keep them from inheriting sloppy credentials.

NewCore says its platform was designed with agentic governance as a core constraint. That phrase matters. It means AI agents are treated as first-class identities with their own control paths, rather than being buried inside service accounts or manually shared credentials.

Identity type	NewCore’s stated focus	Security problem it targets
Human users	Workforce identity and verification	Phishing, session theft, social engineering
Machine identities	Credentials and access across systems	Orphaned accounts, unmanaged secrets, exposed access
AI agents	Agentic identity, governance, revocation	Ungoverned agents acting inside enterprise systems

NewCore also says it continuously discovers and maps identities, including shadow accounts, orphaned credentials, and ungoverned agents. That claim goes straight at a problem security teams already know well: assets that are not visible do not reliably get governed.

The company says it can deploy in hours using an agent-driven coexistence model that migrates existing federations and policies with zero downtime. That is a strong claim, and enterprise buyers will likely test it hard. Identity migrations can touch authentication, authorization, user experience, internal apps, and security operations all at once.

For security teams weighing where identity data flows after login, XOOMAR has covered adjacent tooling pressure in Open Source SIEM Can Bleed Security Teams Dry Fast and Best SIEM Tools That Won't Drown Lean Security Teams. NewCore’s pitch sits upstream from that problem: reduce identity risk before it turns into detection noise.

NewCore faces a crowded identity market that won’t reward vague AI security claims

NewCore is entering a market where buyers already spend heavily on identity governance, privileged access, cloud identity, and non-human identity controls. The AI-agent angle gives the startup a sharp wedge, but it does not remove the hard questions.

Enterprise customers will ask what the NewCore identity platform can actually discover, how policies are enforced, and how it coexists with existing identity stacks. They will also want proof that AI-agent controls are built into the product, not wrapped around it as a marketing label.

TechCrunch reported that established identity providers including Okta and Microsoft Entra have begun adding capabilities for AI agents. Alon argued to TechCrunch that those efforts extend platforms built for human employees, while NewCore was designed from the start for a workforce made up of humans, machines, and AI agents.

“We know for sure that the scale and the complexity that those things [AI agents] are going to add to 15- or 20-year-old identity platforms are going to break them,” Alon told TechCrunch.

That is NewCore’s central bet. If AI agents become common workplace actors, identity systems will need lifecycle controls, trust scoring, revocation, and human oversight for software workers that may operate faster than standard review cycles.

The near-term test is less philosophical. NewCore needs customer references, deployment evidence, and measurable risk reduction. The startup has funding, experienced founders, and a timely thesis. Now it has to prove that NewCore funding bought more than a polished stealth launch.

The next markers to watch are concrete: broader enterprise adoption, clearer customer traction, how the platform handles existing identity providers in live environments, and whether companies actually treat AI agents as identities that need governance from day one.

The Bottom Line

NewCore’s $66 million seed round signals strong investor demand for identity security built around humans, machines, and AI agents.
The company is targeting risks in SAML signing infrastructure, including Golden SAML and token replay attacks.
Its launch reflects a broader enterprise shift toward treating identity as the central security control plane.