Imagine spending six years building what you believe is an impenetrable security system for a $6 billion company. You've implemented awareness programs, dark web monitoring, endpoint protection, every tool in the cybersecurity playbook.
Then one day, a targeted phishing attack slips through anyway, and you realize with sinking clarity that for this particular threat, all you can really do is "raise awareness and pray that users will not share their password."
This was Gautier Bugeon's reality two years ago as SOC manager for Eramet, a major French mining corporation. The breach was a turning point, not just professionally but philosophically. "I became very, very frustrated because I had everything in place," he recalled. "And we still got breached, because it was a very targeted attack."
The culprit was stolen credentials—the cybersecurity industry's oldest and most intractable problem. "When someone is targeting you with a stolen credential, it's still the best way to get into a network," Bugeon said. "Unfortunately, it's been 10 years, and I think it will still be the case in 10 years."
From that frustration came an insight that would become the foundation of MokN, a cybersecurity startup that has just raised €2.6 million in a Seed funding round led by Moonfire, with participation from OVNI Capital, Kima Ventures, and business angels. In just 16 months, the company has surpassed $1 million in annual recurring revenue and attracted 26 clients. Half of them are billion-dollar companies.
Their solution sounds almost absurdly simple: If attackers are going to try stolen credentials on your network, why not give them fake doors to try and trick them into disclosing them?
The Obvious Idea No One Had Built
Bugeon wrestled with the fundamental problem.
Existing solutions like dark web monitoring operate on a flawed premise—that attackers will share stolen credentials before using them.
"Companies do use dark web monitoring, thinking, 'Okay, an attacker steals the password and shares it before using it,' and that makes no sense," he explained. "If an attacker steals credentials, he's not stupid. He will just use it in an attack."
The insight came to him with striking clarity: "I thought, 'I really need to find something that will allow me to get this subject back in my technical hands.' Because for every other subject...endpoint protection, mail protection, everything...I have tools to do this. But for this one, it's just awareness and pray that users will not share the password."
What if, he wondered, there were fake entry points scattered across his network? "If I had fake open doors to my network, attackers would have tried those stolen credentials on them, and I would have known weeks before that those credentials were breached."
It seemed so obvious that Bugeon assumed someone must have already built it. "To my surprise, nobody had done this before," he said.
Honeypots—decoy systems designed to lure attackers—have been around for three decades. But creating contextualized honeypots that perfectly mimic real corporate infrastructure, complete with authentic certificates and domains, while filtering out the deafening noise of millions of internet connection attempts, was uncharted territory.
When Bugeon approached major deceptive honeypot companies with his idea, they were unanimous in their dismissal. "They all told me, 'Sorry, it's impossible. You will have too much noise, and honeypots are not made to be exposed on the internet, because attackers will have countless time to figure out if it's fake or not,'" he said.
Building in Secret
Bugeon disagreed.
He began developing a prototype in his spare time with two members of his team at Eramet: security analysts Alexis Georges and Adrien Casteleiro. Eight months later, they had their first version. They quit their jobs before even deploying it once, a leap of faith that would prove prescient. Last year, Antoine Coudoux, a former Deloitte cybersecurity advisor, joined as CMO and a fourth co-founder.
Almost a year ago, the group joined the Hexatrust Accelerator Program. Hexatrust is an association of hardware and software companies that adhere to France's and Europe's cloud de confiance standards of privacy and trust. The accelerator program, launched by the association in 2021, provides mentoring and business advice, but also visibility to the network of Hexatrust members and partners through targeted events.
From there, MokN won the Gold Medal in the "Innovative Solutions" category at the Cyber Night organized by Republik Cyber, an ecosystem dedicated to CISOs & Cyber Directors of large companies. And it was named a finalist for the Innovation Prize at Les Assises, the major cybersecurity conference last week in Monaco (but did not win).
Core Technology and Approach
The MokN platform operates as a SaaS solution with a library of what the company calls "baits"—fake doors that appear completely legitimate to potential attackers.
"What's a door that is working very well is a fake SSL VPN, for example, used for remote work," Bugeon explained. An attacker scanning a network might discover something labeled "Test VPN" or "backup VPN"—tantalizing targets that appear to lack multi-factor authentication or seem outdated and vulnerable.
"They will try their credential on this one, but it's a fake. It's us," Bugeon said. "They have no single way to know that it's a fake one or that it's hosted on our platform, and the client gets an alert the second they press Enter."
Once an attack is detected, the remediation is straightforward: "Just reset the password instantly," Bugeon said.
The challenge for MokN isn't convincing customers they need the solution—it's the technical complexity of making it work.
Unlike standard honeypots that operate within internal networks, MokN's Baits are deployed on the public internet, where attackers have the opportunity to thoroughly inspect services. This requires a high degree of fidelity in replication, making these baits much harder for attackers to distinguish from actual company resources.
"The Internet is a very noisy place, so you will have millions of attempts every month, and you have to figure out how to find the one that is important," Bugeon explained. The second challenge is "making portals that are indistinguishable from real ones."
Still, the response from potential clients has been striking in its consistency. "99% of clients told us, 'How is it possible that nobody has done this before?'" Bugeon said. "When you expose them to the strategy, it's obvious you have to do this."
The American Dream
With the latest funding, MokN is now setting its sights on the United States. One co-founder is relocating to New York next month, and Bugeon plans to move his family there next year. The strategy isn't just about proximity to customers—it's about credibility.
"You have to be there," he said. "Cybersecurity is the same in Europe and in the US. Basically, you have to get the right network so you have to be visible."
Bugeon's approach emphasizes technical legitimacy over salesmanship. "I'm attending a lot of conferences, but technical conferences, not sales conferences," he said. "It's extremely important that you have the technical legitimacy to talk in cybersecurity."
The French market has validated the concept, he said. The US market, where "there is not a single competitor," represents a substantially larger opportunity.
Staying Small in an Age of Bloat
Despite ambitious growth plans, Bugeon maintains an unconventional philosophy about team size.
"We went from zero to one with six people, and I could have done it with three, because right now, with the right tools, you can do a lot of things," he said. "I'm not aiming for being at 10 million [ARR] with 100 people—that would be a massive failure for me. I think I can achieve this with 25."
The company's roadmap includes leveraging generative AI to create even more sophisticated baits. "Using Gen AI will allow us to address very specific threats," Bugeon explained. For industrial clients with specialized equipment, AI could replicate remote access systems for industrial machines "branded with all the logo and things like that." Without AI, he noted, "it would have been way too long to craft a portal completely, and it wouldn't have been scalable at all."
MokN plans to raise another funding round in early 2026, but only after proving the model works in America. "We have strong opportunities, but nothing closed in the US," Bugeon acknowledges. "Before raising another round, I want to prove and be sure that I'm able to close some clients, and after that, I will press the accelerator and hire a lot more salespeople in the US."
