Rebuilding Identity for the Agentic Era: Our Investment in NewCore

I’ve known Zohar Alon, the CEO and founder of NewCore, for over a decade, but I wouldn’t say we experienced love at first sight. We first got to know each other in the early days of Dome9 — the cloud security company he founded. And although we introduced him to his first CMO and connected him with Ofer Katz (before Ofer truly became Ofer), we didn’t converge on multiple rounds of financing. In fact, he ran the business until Check Point acquired the company. So a decade later, I think we were both surprised by how quickly we converged on partnering in the company's first round (before NewCore truly became NewCore).

Most of the industry has spent the last decade treating identity as plumbing — something the CIO provisions and the help desk resets. That era is over. Identity has quietly become the control plane of the modern enterprise, and with it, the primary way attackers get in. The largest breaches of the last three years — MGM, Change Healthcare, the Snowflake customer compromises, even breaches of the identity providers themselves — share a common root. This isn't a vendor problem. It's an architecture problem.

Today's dominant identity platforms were architected fifteen years ago for a world of employees logging into web apps. The protocols underneath them — SAML, static service accounts, password-derived sessions — were never designed to be the security perimeter, and the workforce has changed underneath them. AI agents now spin up in seconds, make decisions, and demand fine-grained, revocable access to production systems. In many enterprises, non-human identities already outnumber humans by one to two orders of magnitude. We’ve all witnessed the overwhelming inertia incumbents have and the failed attempts to bolt a future state onto old architecture. You have to build for it from the start.

That's exactly what Zohar and his co-founders set out to do. NewCore is a security-first identity platform, rebuilt from the ground up for the workforce that actually exists — humans, machines, and agents — under a single architecture. Where prior generations of identity platforms measured themselves by seats provisioned and tickets closed, NewCore measures itself on a different thing entirely: the amount of risk it removes from the enterprise.

That shows up across the product. Secure SplitKeys eliminate the single point of compromise in SAML signing infrastructure, closing off the class of attacks — Golden SAML, token replay, and adversary-in-the-middle session theft — that have been behind some of the worst identity breaches on record. Agents are treated as first-class identities, with their own lifecycle, attribution, trust scoring, and revocation path — not service accounts in disguise —, and NewCore ships an agentic skill that works natively with coding agents such as Claude Code, Codex, and Cursor. VisualMFA retires phishable factors in favor of hardware-bound, out-of-band verification. An agent-driven migration model lets customers move on in hours, running in parallel with their existing systems, with no rip-and-replace.

This time, Zohar and I met at just the right time. Zohar has built teams and platforms that enterprises can rely on, and Amihai is an 8200 alum and among the sharpest offensive researchers I know. It’s a team building a security-first platform, drawing on lessons from the past, but with no technical debt holding them back from building for a new era.

We're thrilled to back Zohar, Amihai, Erez and the entire NewCore team alongside our friends at Cyberstarts and Evolution Equity Partners. NewCore emerges from stealth today with $66 million and a deceptively simple ambition: to make identity the strongest layer of the stack instead of the weakest.