The Shift from Service Accounts to Agentic Identities

As organizations increasingly deploy AI agents to perform tasks alongside human employees, existing identity and access management (IAM) systems are struggling to keep pace. NewCore, a cybersecurity startup that recently emerged from stealth with $66 million in funding, argues that traditional identity providers—designed for human users—are ill-equipped to handle the scale and complexity of autonomous software workers.

Rather than treating AI agents as static service accounts or machine credentials, NewCore proposes that agents should be managed as "first-class identities." This approach provides agents with their own distinct permissions, lifecycle management, and revocation mechanisms, ensuring that as AI agents begin to outnumber human employees in tech-forward organizations, they remain governed and secure.

Technical Architecture and Oversight

NewCore’s platform is built from the ground up to integrate human and AI-agent identities into a unified system. Key technical features include:

• Split-Key Architecture: A security model that divides critical identity credentials between the customer and the platform to eliminate single points of compromise.
• Agentic Skill Integration: A package that allows coding assistants (such as Claude Code, OpenAI’s Codex, and Cursor) to access enterprise systems using managed identities, removing the need for manually distributed, insecure credentials.
• Human-in-the-loop Oversight: A mobile application that enables human managers to grant, review, and revoke access for AI agents in real-time, providing a necessary layer of control over autonomous systems.

By moving away from legacy identity frameworks, NewCore aims to provide the guardrails necessary for enterprises to scale their AI workforce without compromising their security posture.