NewCore, a security-first identity platform built for enterprises managing humans, machines and AI agents, has emerged from stealth mode with $66m in funding to address what it describes as a structural flaw at the heart of modern enterprise security.
The round was backed by Cyberstarts, Index Ventures and Evolution Equity Partners. The company was founded by a team of cybersecurity and enterprise IT veterans, including co-founder and CEO Zohar Alon, whose earlier venture Dome9 was acquired by Check Point. The funding will support the commercial rollout of a platform designed to discover, secure and govern every identity across an enterprise environment, including those belonging to AI agents.
NewCore argues that the wave of major security breaches in recent years, spanning MGM, Change Healthcare and Snowflake customers, share a common thread: identity infrastructure that was never designed for the environment it is now expected to protect. Existing platforms were built roughly fifteen years ago for employees accessing web applications, relying on protocols including SAML, static service accounts and password-derived session tokens. NewCore contends that this gap cannot be closed through incremental upgrades and has built its platform from the ground up to address it.
The platform centres on several architectural innovations. Its Secure Split Key technology eliminates the single point of failure in SAML and OIDC signing infrastructure, closing the class of attacks behind some of the most significant identity breaches on record, including Golden SAML, session theft, token replay and identity vendor supply-chain compromises.
A feature called VisualMFA replaces conventional authentication factors with an out-of-band, visually verifiable exchange resistant to relay, replay and social engineering attacks, while hardware-bound credentials anchored in TPM and Secure Enclave retire phishable factors entirely. The platform also continuously maps every identity across an enterprise, including shadow accounts, orphaned credentials and ungoverned agents that legacy systems do not surface.
AI agents are treated as first-class identities within the platform, each assigned their own lifecycle, trust scoring and revocation path rather than being managed as service accounts. NewCore also ships an integration package compatible with leading coding agents including Claude Code, Codex and Cursor, enabling those tools to authenticate and operate within an enterprise’s trust framework. The company has additionally developed an agent-driven migration model it describes as capable of moving customers onto the platform within hours, preserving existing federations and policies without downtime.
The platform is designed for enterprise environments where agentic identities may outnumber human ones by significant multiples, and the company frames its primary value metric not as uptime or provisioning speed but as the volume of risk removed from the enterprise.
NewCore co-founder and CEO Zohar Alon said, “Identity is broken, and yet it has become the control plane of the modern enterprise. We built NewCore for the workforce that actually exists today, one of humans, machines, and agents, and we built it security-first from day one. The goal isn’t to manage identity better. It’s to remove categories of risk that the industry and our customers have lived with for far too long.”
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
