AI Employees Are Here – And They’re Getting Company Logins

Estimated reading time: 9 minutes

Key Takeaways

NewCore raised $66 million and emerged from stealth in June 2026 to give AI agents their own official enterprise identities.
AI agents are already operating inside major companies – McKinsey runs around 25,000 AI agents alongside roughly 40,000 human employees.
Most AI agents today are provisioned without the knowledge of security teams, creating serious blind spots for enterprise risk.
NewCore competes in a category that Microsoft and Okta are also moving into – but claims it was built from the ground up for this problem.
The core question is no longer whether AI agents will have company access – they already do. The question is who manages and secures that access.

The Startup That Just Changed the Conversation
What Does an AI Agent Actually Do at Work?
The Giant Security Problem Nobody Was Talking About
What NewCore Is Actually Building
The Team Behind the Technology
NewCore Is Not Fighting This Battle Alone – Or Unopposed
Why This Matters Beyond the Hype
The Bigger Picture for Startups and Founders
Frequently Asked Questions

Imagine logging into work one morning and finding out your newest colleague completed three reports overnight, pushed code to your company’s repository, filed tickets, and accessed your HR system – all without drinking a single cup of coffee. Now imagine that colleague is not a person at all. It is an AI agent. And it has a company login.

This is not science fiction. This is June 2026. And a stealth cybersecurity startup just raised $66 million to make sure that AI agent has an ID badge to match.

The Startup That Just Changed the Conversation

On June 15, 2026, a company called NewCore stepped out of the shadows and into the spotlight with one of the most eye-catching announcements in enterprise tech this year. According to TechCrunch, NewCore raised $66 million from top-tier investors Cyberstarts, Index Ventures, and Evolution Equity Partners – and came out valued at a staggering $300 million post-investment.

The timing was deliberate. NewCore made the announcement at Identiverse Las Vegas, the industry’s biggest identity and security conference, held June 15 through 18, 2026. If you wanted to make a statement about the future of who – or what – gets access to a company’s most sensitive systems, there is no better stage.

But what exactly is NewCore building? The answer is simple to say and complex to understand: it is building a system that gives AI agents their own official work identities – the same way a human employee gets an email address, a set of permissions, and a keycard on their first day.

What Does an AI Agent Actually Do at Work?

Before we dig into why this matters, let us take a moment to understand what AI agents actually are in a workplace context.

An AI agent is not just a chatbot that answers questions. It is an AI system that can take actions. It can log into tools. It can read and write files. It can access cloud services, send emails, push code, update spreadsheets, query databases, file customer support tickets, and trigger automated workflows – all on behalf of a human team or a business process.

A chatbot gives you an answer. An AI agent goes and does the thing.

Companies like McKinsey are already living this reality. According to Moneycontrol, citing Business Insider and McKinsey CEO Bob Sternfels, McKinsey now has around 25,000 AI agents working alongside approximately 40,000 human employees, helping with consulting workflows like research, analysis, and building tools for clients. To put that in perspective – that is almost as many AI agents as human workers at one of the world’s most prestigious consulting firms.

And McKinsey is not alone. TechCrunch also reported that Goldman Sachs tested Devin, Cognition’s AI coding agent, essentially as a new hire. Meanwhile, Business Standard reported that TCS Chairman N. Chandrasekaran said at the company’s 31st annual general meeting that TCS could have as many AI agents as human employees within just three years – and that AI-led automation would begin to slow down their pace of human hiring because some work would shift entirely to AI agents.

The trend is real, it is moving fast, and it is reshaping how companies think about their workforce.

The Giant Security Problem Nobody Was Talking About

Here is where it gets scary – and where NewCore’s big bet starts to make a lot of sense.

When a human employee joins a company, there is a whole system in place to manage them. They get a verified identity, a specific set of permissions, a manager who is accountable for them, logs of what they do, and an offboarding process when they leave. Security teams can see them. IT can control them. If something goes wrong, there is a trail.

Now think about what happens when an AI agent joins the party. Right now, in most companies, AI agents are being set up informally. Employees are provisioning them on their own, connecting them to sensitive systems, and handing them API keys or shared service accounts. And most of the time, security teams have absolutely no idea this is happening.

NewCore describes this problem directly on its platform page: AI agents are already being connected to sensitive systems and are often completely invisible to security teams. They are operating with broad access, no proper audit trail, and no clear way to shut them down quickly if something goes wrong.

The solution NewCore is proposing? Treat every AI agent like a first-class identity inside the company – the same way you would treat a real employee.

What NewCore Is Actually Building

According to NewCore’s newsroom, the company describes itself as a “security-first identity platform” built for a workforce that now includes humans, machines, and AI agents. Rather than patching agents into old-school employee identity systems, NewCore says it was built from scratch to handle all three types of users in one unified platform.

Here is what that looks like in practice:

Agentic SSO: AI agents cannot type a password or click an MFA prompt on their phone the way a human can. So NewCore has built a governed sign-in pathway specifically designed for agents to authenticate safely and consistently. (newcore.com)
Task-scoped tokens: Instead of giving an agent broad, permanent access to everything it might ever need, NewCore issues short-lived access tokens that are scoped specifically to the task the agent is doing right now. Once the task is done, the access expires. (newcore.com)
AI inventory and audit trails: NewCore can discover all the human and AI identities inside a company – including shadow accounts, orphaned credentials, and ungoverned agents that nobody officially approved – and map out what they are doing and who is responsible for them. (newcore.com)
Machine-speed security: Because AI agents work at machine speed – far faster than any human – security checks need to happen at that same speed. NewCore claims to do real-time policy checks on authentication requests, token creation, and tool calls. (newcore.com)
Secure Split Key architecture: NewCore says it splits critical cryptographic key material between the customer and its own platform, so that a single breach does not hand an attacker the keys to the kingdom. (newcore.com)
Agentic Skill integration for coding tools: NewCore also has an integration package designed for AI coding assistants like Claude Code, OpenAI Codex, and Cursor, allowing them to access enterprise systems as properly managed identities rather than through manually distributed credentials that often get mishandled. (techcrunch.com)

And on AWS Marketplace, NewCore’s listing shows the platform connecting to systems like Okta, Microsoft Entra, Active Directory, Workday, HR platforms, PAM and IGA tools, and discovering AI agents across Microsoft Copilot Studio, Claude, and OpenAI – all while attributing agents to human owners and mapping out their OAuth connections. The listing shows a 12-month annual subscription priced at $360 per user per year, with a 250-user minimum, meaning enterprise customers are looking at a minimum annual contract of $90,000 through that channel.

The Team Behind the Technology

This is not a team of first-timers making big promises. NewCore’s founders bring serious pedigree to the table.

Zohar Alon, co-founder and CEO, previously founded Dome9, a cloud security company that was acquired by Check Point – one of the most respected names in cybersecurity.
Amihai Neiderman, co-founder and CTO, is a former research leader in Israel’s elite Unit 8200 intelligence unit and the founder of Nym Health.
Erez Yarkoni, co-founder and CCO, served as the CIO of both T-Mobile USA and Telstra – two of the largest telecoms in their respective markets.

NewCore is headquartered across Tel Aviv and San Francisco, has grown to more than 50 employees, and as of TechCrunch’s report in June 2026, was working with fewer than 10 paying customers and more than 10 design partners – with plans to begin charging customers in summer 2026. They are early. But the category they are building into is already heating up fast.

NewCore Is Not Fighting This Battle Alone – Or Unopposed

Here is the thing that makes this story even more exciting: NewCore is not the only one who sees this coming. The giants of enterprise identity are already moving.

Microsoft has built Entra Agent ID directly into its identity platform. According to Microsoft’s own documentation, agent identities in Microsoft Entra ID are accounts that provide unique identification and authentication for AI agents – and they can be governed just like human identities, with lifecycle controls, Conditional Access, ID Protection, and human accountability through owners or sponsors.

Okta, one of the biggest names in identity and access management, announced a suite of agent-focused identity features in 2026, including shadow AI-agent discovery, Universal Directory support for AI agents as first-class non-human identities, credential vaulting and rotation, token revocation, audit logs, an Agent Gateway, and full agent lifecycle governance.

Even NIST – the National Institute of Standards and Technology – is paying attention. The NIST National Cybersecurity Center of Excellence published a 2026 concept paper specifically exploring how identity systems can manage both human and AI agent identities – covering everything from human-in-the-loop approvals to fully autonomous agent action, and pointing to standards like MCP, OAuth, OIDC, and SPIFFE/SPIRE as relevant frameworks for building this out.

When NIST is writing concept papers about it and Microsoft is shipping features for it, a thing is no longer a startup fantasy. It is a real, emerging enterprise category.

NewCore’s founder argues that the incumbents are bolting agent identity features onto systems that were never designed for this world. As TechCrunch reported, NewCore’s CEO says traditional vendors add agentic identity “on the side,” whereas NewCore was designed from the ground up to handle humans, machines, and agents together – not as an afterthought. NewCore itself points out that legacy identity systems were built around patterns like SAML, static service accounts, and password-derived session tokens that simply were not designed for fleets of AI agents spinning up at machine speed, spawning sub-agents, and accessing production systems in real time. (newcore.com)

SecurityWeek also covered NewCore’s launch, noting that the platform is designed to continuously discover and map identities – including shadow accounts, orphaned credentials, and ungoverned agents – and that NewCore claims it can deploy alongside existing identity systems with zero downtime. That claim has not been independently validated, but it is the kind of promise that makes enterprise buyers listen.

Why This Matters Beyond the Hype

Let us be clear about one thing before anyone’s imagination runs too wild: AI agents are not employees in any legal or HR sense. They are not on payroll. They do not have employment rights. They are not legal persons. But from an IT and security standpoint, they are increasingly being treated as workplace actors – digital workers with delegated tasks, system access, accountability chains, and audit trails.

And that is exactly what makes this story so important.

Okta frames the core security challenge around three simple but urgent questions:

Where are my agents?
What can they connect to?
What can they do?

Those are the same questions security teams ask about human employees – and for the exact same reasons. Because if you do not know the answer, you are exposed.

What happens if an AI agent with access to your customer database gets compromised? What happens if an ungoverned agent that an employee spun up six months ago is still running, still accessing systems, and nobody knows it is there? What happens if an agent that was given too much access makes a change to production code that nobody authorized?

These are not hypothetical questions. They are the questions that keep CISOs awake at night – and they are the questions that just received $66 million worth of attention.

The Bigger Picture for Startups and Founders

For the startup community, the NewCore story is a masterclass in spotting the moment when a vague technological shift becomes a specific, monetizable problem.

AI agents are not new. But the security and identity problems they create inside enterprises are crystallizing right now, in 2026, as companies move from experimenting with AI to actually deploying it at scale. The window between “problem is emerging” and “problem is so well-known that incumbents have fully solved it” is exactly where great startups live.

NewCore saw that window, built in stealth, pulled together a team with deep credibility, and emerged with $66 million and a $300 million valuation to stake their claim. Whether they can hold that ground against Microsoft, Okta, and the next wave of competitors will be one of the most interesting battles to watch in enterprise tech over the next two to three years.

But one thing is already certain: the era of AI agents quietly accessing company systems without accountability, audit trails, or proper identity controls is coming to an end. The question is no longer whether AI agents will get company logins. They already have them. The question is who is going to manage those logins – and who is going to own the platform that makes it all secure.

That race has officially started.

Frequently Asked Questions

What is NewCore and what does it do?

NewCore is a cybersecurity startup that emerged from stealth in June 2026 after raising $66 million. It builds a security-first identity platform designed to give AI agents their own official enterprise identities – the same way a human employee gets an email address, permissions, and access credentials on day one. Its platform handles identity management for humans, machines, and AI agents in one unified system.

Why is AI agent identity a cybersecurity problem?

Most AI agents inside companies today are set up informally – employees provision them without involving security or IT teams, hand them API keys or shared credentials, and connect them to sensitive systems. This means security teams often have no visibility into what agents exist, what they can access, or what they are doing. If an agent is compromised or misconfigured, there may be no audit trail and no fast way to shut it down.

How many AI agents are companies actually using today?

The numbers are already striking. McKinsey reportedly runs around 25,000 AI agents alongside roughly 40,000 human employees. Goldman Sachs tested an AI coding agent as a de facto new hire. TCS’s chairman has said the company could have as many AI agents as human employees within three years. AI agents are not a future concept – they are a present reality at some of the world’s largest organizations.

Who are NewCore’s main competitors?

The biggest competitors are the incumbents in enterprise identity – chiefly Microsoft, which has built Entra Agent ID into its existing identity platform, and Okta, which announced a full suite of AI agent identity features in 2026. NewCore’s argument is that these players are adding agentic identity as a bolt-on to systems designed for human workers, whereas NewCore was architected from scratch to handle all three types of identities – human, machine, and AI agent – in one unified platform.

How much does NewCore cost?

Based on NewCore’s AWS Marketplace listing, the platform is priced at $360 per user per year with a minimum of 250 users, putting the minimum annual contract at $90,000 through that channel. NewCore was planning to begin charging customers in summer 2026, so pricing structures outside of AWS Marketplace may also apply.

Are AI agents legally considered employees?

No. AI agents are not employees in any legal or HR sense. They are not on payroll, have no employment rights, and are not legal persons. However, from an IT and cybersecurity perspective, they are increasingly treated as workplace actors – digital workers with delegated tasks, system access, and audit trails. The challenge for security teams is that the technical footprint of an AI agent looks a lot like a user account, which is exactly why identity governance tools are needed.