Firms pursue continuous identity in push to meet agentic paradigm shift

Israeli cybersecurity startup NewCore has emerged from stealth boasting $66 million in investment from Cyberstarts, Index Ventures and Evolution Equity Partners. A release from the company says NewCore offers “a single platform that discovers, secures, and governs every identity in the modern enterprise, human and agentic alike.”

While identity has become both critical infrastructure for organizations and a broad attack surface for fraud, many continue to use dominant identity platforms developed “for a world of employees logging into web apps, built on aging protocols such as SAML, static service accounts, and password-derived session tokens that were never designed to serve as the security perimeter for this environment.”

NewCore proposes a new security architecture, built for an agentic context, which continuously discovers and maps every identity in the enterprise, including the shadow accounts, orphaned credentials, and ungoverned agents.

The firm says it built its stack from the ground up to address the current security landscape in which humans, machines and AI agents interact, and to eliminate categories of exposure that prior architectures left open by design. “Secure Split Key (SSK)” architecture aims to neutralize the class of attacks typical of large identity breaches, making agentic governance a “core design constraint of the platform, not an add-on.”

An Agentic Skill integration package for leading coding agents lets them authenticate and operate within enterprise infrastructure as first-class citizens. An agent-driven coexistence model preserves existing federations and policies. Per the release, the platform is engineered for environments where agentic identities outnumber human ones by two orders of magnitude or more.

Zohar Alon, NewCore’s CEO, says “identity is broken, and yet it has become the control plane of the modern enterprise. The goal isn’t to manage identity better. It’s to remove categories of risk that the industry and our customers have lived with for far too long.”

Sailpoint announces plan to acquire Entro

SailPoint, Inc. will acquire Entro, a Tel Aviv-based company that works in non-human identity (NHI) and credentials security. An announcement says that, upon completion, the acquisition will mark a “strategic expansion and acceleration of the recently launched SailPoint Agentic Fabric, advancing SailPoint’s vision to secure the modern enterprise with adaptive identity security across the entire digital ecosystem.”

SailPoint CEO Mark McClain says the recently launched Agentic Fabric “established a new paradigm for securing autonomous AI agents and non-human identities at scale, including native discovery, governance and protection. By bringing Entro’s powerful and complimentary technology into our SailPoint platform, we will be giving our customers an even bigger advantage: frictionless, complete visibility into every non-human identity and – crucially – the context and credentials they use to access critical corporate data.”

Entro will expand Sailpoint’s credentials coverage, add deep lineage mapping enabling organizations to trace non-human identities back to human owners for accountability, and proprietary Non-Human Identity Detection and Response (NHIDR) capabilities.

The transaction is subject to closing conditions and is expected to close in the third quarter of fiscal year 2027.

Crowdstrike gives Falcon sharper talons

CrowdStrike has launched Continuous Identity for AI Agents to “reinforce the CrowdStrike Falcon platform as the identity security control plane for the agentic enterprise,” according to a release.

CrowdStrike’s system continuously authorizes every agent action in real time, “based on who owns the agent, who is calling it, and the risk posture of their device – evaluated against native and third-party risk signals on the Falcon platform.”

“AI agents are transforming how work gets done, and how identities must be secured,” says Elia Zaitsev, chief technology officer, CrowdStrike. “Point-in-time authorization becomes a legacy approach the second agents are given autonomy. Authorize once and trust indefinitely is not a security model; it’s a liability. That’s the shift CrowdStrike is driving, from static, one-time access decisions to Continuous Identity.”

Akamai establishes pillars for AI commerce framework

Cambridge, Massachusetts-headquartered Akamai has released a unified agentic framework for its Bot & Agent Control solutions, which a release says connects identity, observability, trust, and edge security into “a single, real-time decisioning layer to power scalable AI-driven interactions at the edge.”

The framework is built on six integrated pillars: verified identity and human attribution; user-centric authentication; adaptive trust analysis; edge-based enforcement; content monetization and value exchange; and operational visibility and traffic analysis.

“AI agents are replacing clicks, acting and handling commerce for us,” says Patrick Sullivan, VP and CTO of security strategy for Akamai. “We’ve built this so that identity informs visibility, visibility drives trust, and trust powers the decisions that let companies safely grow and monetize these new AI interactions. We’re giving businesses the confidence to open their doors to AI without compromising security.”

Silverfort integrates runtime identity enforcement for MS Copilot Studio

Silverfort has announced the integration of its Identity Security control for AI agents for Microsoft Copilot Studio. A release says the integration delivers inline identity security at runtime, “enforcing intelligent access control policies at the precise moment a Copilot agent attempts to act and blocking unauthorized access before execution.”

Silverfort’s runtime identity enforcement limits unauthorized privilege elevation, stops AI agent overreach, dynamically adapts access policies and creates audit trails, all delivered in a unified single control plane.

“The more access an AI agent has to corporate resources, the more powerful it becomes,” says said Ron Rasin, chief strategy officer at Silverfort. “Without deep identity context, there’s no way to make an informed, real-time decision about whether an agent’s action is legitimate or overreach. That’s why agentic security is an identity problem at its core.”

“Silverfort’s integration with Microsoft Copilot Studio is a recognition that runtime identity enforcement isn’t optional, it’s the foundation for deploying AI with confidence.”

Article Topics

agentic commerce  |  AI agents  |  Akamai  |  Crowdstrike  |  digital identity  |  identity security  |  NewCore  |  SailPoint  |  Silverfort