NewCore Raises $66M to Build Identity Management for AI Agents
NewCore has raised $66M to build identity and access management (IAM) infrastructure specifically for AI agents, arguing that enterprises will soon need to govern non-human workers at scale the same way they govern people today.
Original sourceNewCore is betting that the fastest-growing class of enterprise worker isn't human. The startup has closed a $66M funding round to build what it describes as identity and access management infrastructure for AI agents — the autonomous software systems that enterprises are increasingly deploying to handle tasks ranging from customer support to code review to procurement workflows. The core premise: existing IAM tooling was designed for people, and AI agents have fundamentally different identity requirements — they don't have SSO accounts, they don't show up in HR systems, and their permissions aren't governed by an org chart.
The problem NewCore is targeting is real and increasingly urgent. As enterprises move from deploying individual AI models to orchestrating fleets of agents that can spawn sub-agents, call external APIs, and take actions in production systems, the question of who authorized what — and under what constraints — becomes a genuine security and compliance issue. Current approaches are ad hoc: teams hard-code API keys, share service accounts, or bolt agent identities onto existing human identity providers in ways that weren't designed for non-human actors operating at machine speed.
NewCore's approach centers on giving each AI agent a cryptographically-backed identity, scoped permissions that follow least-privilege principles, and an audit trail that compliance teams can actually read. The company claims integrations with major enterprise identity providers and cloud platforms, though specifics on the technical implementation and pricing structure haven't been fully disclosed. The $66M raise — the size of which signals this is being positioned as infrastructure-layer, not tooling — will go toward expanding the team and deepening integrations with the enterprise identity ecosystem.
Panel Takes
The Builder
Developer Perspective
“The primitive here is straightforward: cryptographically-scoped, non-human service identities with auditable permission trails. That's a real gap — I've personally jury-rigged agent auth with shared service accounts and it's exactly as ugly as it sounds. The question I can't answer from what's been disclosed is whether this is a genuine protocol layer or just a managed-secret-store with a dashboard on top, and that distinction determines whether I'm adopting it or avoiding it entirely.”
The Skeptic
Reality Check
“The problem is real — I'll give them that. But Okta, Azure AD, and AWS IAM are all staring directly at this opportunity, and they have the enterprise relationships, the compliance certifications, and the distribution that a $66M Series A startup does not. NewCore's 12-month kill condition is obvious: one of the incumbent IAM vendors ships 'agent identities' as a feature flag and the wedge disappears overnight. To survive that, they need to be so deeply embedded in agent orchestration workflows — not just identity issuance — that ripping them out breaks things.”
The Futurist
Big Picture
“NewCore's thesis is falsifiable and I respect that: within 36 months, enterprises will manage more non-human identities than human ones, and the tooling gap will be a board-level security concern before the incumbents close it. The second-order effect that nobody's talking about is governance — if every agent has a verifiable identity and scoped permissions, you can finally build meaningful accountability chains for autonomous decisions, which is the missing prerequisite for regulated industries to deploy agents in anything consequential. NewCore isn't just riding the agentic deployment trend; they're betting that compliance infrastructure is what unlocks the next wave of enterprise adoption, and that bet has a mechanism behind it.”
The Founder
Business & Market
“The buyer here is the CISO, and that's both the strength and the trap — security budgets are real and large, but CISO sales cycles are brutal and the bar for trust is high for a company that hasn't shipped through a full enterprise audit cycle yet. The moat question is the one that matters: if this is credential issuance and audit logging, that's a feature; if it becomes the authoritative registry of agent permissions across an enterprise's entire stack, that's a platform with genuine switching costs. $66M is enough runway to find out which one they're building, but they need to get a referenceable Fortune 500 deployment before the incumbents wake up.”