As AI agents become employees, NewCore emerges with $66M to give them identities

For years, enterprise identity and access management has been built around a simple assumption: a person logs in, proves who they are, receives the minimum access needed, and eventually loses it when they leave. NewCore’s public launch suggests that assumption is starting to break. The cybersecurity startup emerged from stealth with $66 million in seed funding, led by Cyberstarts and joined by Index Ventures and Evolution Equity Partners, at a $300 million post-money valuation. Its premise is blunt: if AI agents are going to function like employees, they need identities that can be authenticated, governed, and revoked like employees too.

That framing matters because it moves AI agents out of the realm of point tools and into the enterprise control plane. A chatbot can be scoped as an app. An agent that can trigger workflows, read systems of record, open tickets, call APIs, or modify code starts to look less like software and more like a digital worker. Once that happens at scale, identity becomes the first problem, not the last.

What NewCore says it is building

NewCore is positioning itself as an identity fabric for both humans and AI agents. That is more than a branding choice. In practice, it implies a system designed to manage who or what is acting, what it is allowed to do, how long those privileges last, and how those privileges are revoked when context changes.

That matters in enterprises because identity is already the connective tissue for security operations. It sits between users and applications, between authentication and authorization, and between policy and enforcement. If NewCore can unify human and agent identities in a single layer, it is effectively arguing that enterprises should stop treating AI agents as a special case and instead extend IAM to cover a new class of principal.

The technical ambition is substantial. Human identity management has well-understood primitives: onboarding, MFA, role assignment, access reviews, termination, and recovery. AI agents complicate each of those stages. They may act autonomously, run non-stop, inherit privileges from orchestration systems, and need access to systems across multiple domains. They also create a new operational challenge: an agent may not “log in” once and stay static. It may spawn, clone, pause, resume, or change behavior as models, prompts, or workflows are updated.

The real problem: authentication, authorization, and lifecycle management at machine speed

NewCore’s pitch lands in a moment when some large enterprises are already experimenting with agentic systems inside the organization. Goldman Sachs last year tested the AI coding agent Devin as a new employee, and McKinsey said earlier this year that 25,000 AI agents already work alongside its 60,000 employees. Those examples are important not because they prove a universal adoption curve, but because they show where the operational pressure is coming from: organizations are beginning to assign work to software entities that need more than a static API key.

That shifts the conversation from “Can the model do the task?” to “Can the enterprise safely grant it the right to do the task?”

Authentication is the first layer. For humans, that means passwords, single sign-on, MFA, device trust, and session controls. For agents, authentication may need to bind a workload, an orchestration environment, or a service identity to a policy decision. Authorization is the second layer, and it is where many early AI deployments become brittle. An agent that can summarize data is one thing; an agent that can access production systems, invoke payment flows, or modify source code is another. The access model has to be granular enough to avoid blanket permissions, but operationally simple enough that teams can actually ship.

Then comes lifecycle management, which is where most enterprises will feel the pain first. AI agents are not static accounts. They may be instantiated for a campaign, a project, or a workflow, then retired. Their permissions may need to expire automatically. Their actions may need auditable traces. Their privileges may need to be re-approved when models change or when the surrounding application stack changes. In traditional IAM, that kind of revocation problem is already hard. With agents, the velocity and volume make it harder.

That is why the market opportunity is not just another authentication product. It is a governance layer for a new category of principal.

Why the funding round matters now

Cyberstarts’ lead role gives the round a clear security-first signal. This is not a consumer-AI narrative dressed up as enterprise software. It is a bet that agent identity will become a core infrastructure requirement, and that enterprises will prefer to buy that capability from a vendor that speaks the language of attack surfaces, access boundaries, and trust enforcement.

The presence of Index Ventures and Evolution Equity Partners also suggests the market is being read as larger than a single point product. If AI agents become persistent participants in enterprise systems, the winning layer is likely to sit close to IAM, privileged access, audit, and policy engines. That creates a plausible path to network effects: the more systems and agent workflows NewCore can integrate with, the more likely it becomes that teams standardize on its identity model rather than stitching together one-off controls.

That is where the standards question enters, cautiously. NewCore is not a standards body, and there is no evidence here that it is setting formal industry protocols. But products that solve a widely repeated infrastructure problem often shape de facto standards by becoming the easiest place for teams to anchor their implementations. If NewCore can define how enterprises represent agent identity, map it to existing IAM constructs, and operationalize audits and revocation, it could influence how the category forms.

The integration problem: old IAM, new actors

The hardest deployments will likely be the ones that force existing identity stacks to absorb agent behavior without breaking established governance. Enterprises already rely on identity providers, directory services, privileged access tools, and policy engines. They will not rip those out because an AI agent needs a seat at the table. So the practical question is how NewCore fits into that stack.

The answer will depend on boring but decisive details: onboarding flows, integration depth with existing IAM systems, policy enforcement hooks, and whether the platform can represent both people and agents without creating parallel governance silos. If it can, that gives security teams a path to extend existing controls rather than inventing an agent-only exception.

That integration story also exposes the tension in the market. Enterprises want the operational upside of agentic automation, but they do not want autonomous systems that can quietly accumulate privileges. The more useful an agent becomes, the more dangerous an over-permissioned agent can be. In other words, the very thing that makes AI agents attractive in enterprise environments—their ability to act—also makes them a governance liability.

The risks are as real as the opportunity

Any company building identity for AI agents will be judged on trust, not only utility. A platform that assigns identities to machine actors has to deal with auditability, revocation, and compliance in a way that satisfies security teams and regulators alike. If an agent accesses sensitive data, triggers a business process, or interacts with regulated systems, the enterprise needs to know who authorized it, what it touched, and how to shut it down when needed.

There is also a broader security risk in treating agents too casually. If organizations hand them broad credentials or allow them to inherit human privileges without stricter controls, they create an easier target for abuse, prompt injection, or workflow escalation. Identity is not a complete defense against those threats, but without strong identity boundaries, the rest of the control stack becomes much harder to enforce.

That is why NewCore’s launch is less about a seed round than about a design decision. The company is betting that AI agents will become canonical enterprise participants and that the industry will need a persistent identity fabric to manage them. If that thesis holds, the winning products will not simply authenticate agents. They will determine how agents are named, scoped, monitored, and retired inside the enterprise.

For now, the signal is clear: as companies start treating software as staff, IAM is being asked to become something bigger than human access management. NewCore is placing its $66 million seed round on the idea that this new layer will be essential—and that whoever defines it early may shape the rules of the next enterprise control plane.

NewCore’s $66M bet is that AI agents need employee-grade identities

As AI agents become employees, NewCore emerges with $66M to give them identities

What NewCore says it is building

The real problem: authentication, authorization, and lifecycle management at machine speed

Why the funding round matters now

The integration problem: old IAM, new actors

The risks are as real as the opportunity

AI News Desk

US export controls on Anthropic’s Fable and Mythos put defensive AI tooling on the defensive

Skydio’s enterprise turn shows how autonomy-first drones are moving from gadgets to infrastructure

Autonomous Mining Has Moved Past the Demo Stage