The modern corporate directory is a curated list of humans. Every employee has a badge, a corporate email, and a set of permissions tied to their specific role in the organization. But beneath this visible layer of human personnel, a shadow workforce is expanding at an exponential rate. Thousands of AI agents, scripts, and automated workflows are currently operating across enterprise networks, yet they are almost universally managed as second-class citizens. Most companies handle these entities through a chaotic sprawl of shared API keys, generic service accounts, and hard-coded credentials that rarely expire and are seldom audited. This creates a massive security vacuum where the entity performing the work has no verifiable identity and no traceable lifecycle.

The Rise of First-Class AI Identities

NewCore has emerged from stealth mode to address this governance gap, securing 66 million dollars in seed funding to redefine how enterprises authenticate non-human intelligence. The funding round was led by the cybersecurity-focused venture firm Cyberstarts, with significant participation from Index Ventures and Evolution Equity Partners. This investment places NewCore at a post-money valuation of 300 million dollars, signaling a strong market appetite for specialized AI governance tools. The company is positioning itself not as a simple security layer, but as a fundamental identity platform that treats AI agents as first-class identities.

In the NewCore framework, an AI agent is no longer a nameless process running under a shared service account. Instead, it is granted a unique identity that mirrors the lifecycle of a human employee. This includes a formal onboarding process where the agent is assigned specific permissions, a monitoring phase where its actions are logged against its unique ID, and a decommissioning process that ensures all access is revoked the moment the agent is no longer needed. By integrating human and AI identities into a single management system, NewCore allows administrators to oversee their entire workforce—biological and synthetic—through one unified pane of glass.

Beyond the Plugin Approach to IAM

For years, the identity and access management market has been dominated by giants like Okta and Microsoft Entra. These platforms were built for a world where the primary user was a human sitting behind a keyboard. As AI agents became more prevalent, these incumbents responded by adding AI-centric features as plugins or extensions to their existing human-centric architectures. NewCore argues that this additive approach is fundamentally flawed because it treats AI agents as an edge case rather than a core component of the modern workforce.

Zohar Alon, CEO of NewCore, suggests that the industry is moving toward a reality where AI agents will not just assist humans but will operate as independent members of the organizational structure. This shift necessitates a ground-up redesign of security architecture. To solve the inherent risks of centralized identity stores, NewCore has implemented a split-key architecture. In traditional systems, a single compromise of the identity provider can grant an attacker the keys to the entire kingdom. NewCore eliminates this single point of compromise by dividing critical identity credentials between the customer and the platform. Neither party holds the full key alone, ensuring that a breach at the platform level does not automatically result in a total system collapse for the client.

This architectural shift is designed for a future where the ratio of agents to humans flips. Alon predicts that within a few years, the number of AI agents in tech-centric organizations will surpass the number of human employees. This vision aligns with perspectives from industry leaders like N. Chandrasekaran, Chairman of Tata Consultancy Services, who has noted that AI agents could eventually match the scale of the human workforce. When an organization employs ten thousand humans and a million AI agents, the traditional method of managing service accounts becomes a mathematical impossibility and a security nightmare.

To bridge the gap between theory and practice, NewCore provides what it calls Agentic Skill packages. These are integration modules that allow high-powered AI tools such as Anthropic's Claude Code, OpenAI's Codex, and Cursor to access corporate systems through managed identities rather than manually deployed credentials. Instead of a developer pasting a long-lived API key into a config file, the AI tool requests access through the NewCore identity layer. This allows administrators to use a dedicated mobile app to review access requests in real-time and revoke permissions instantly if an agent begins to exhibit anomalous behavior.

By shifting the paradigm from shared service accounts to individual agent identities, NewCore is attempting to solve the structural vulnerability of the AI era. The ability to precisely control, audit, and terminate the access of a specific AI agent transforms these tools from unpredictable black boxes into accountable corporate assets.

The success of the agentic enterprise now depends on whether companies can move past the convenience of shared keys toward a rigorous system of individual synthetic identity.