French cybersecurity innovator MokN has successfully closed a Series A funding round, raising $15 million to advance its distinctive "phish-back" platform designed for preemptive identity protection. This significant investment, bringing total capital to $18 million, underscores growing confidence in novel approaches to combating the persistent threat of compromised credentials across enterprise networks. Their solution involves strategically deploying deceptive access points to lure threat actors and identify stolen login details before exploitation.
This development emerges amid a critical period for digital security, where sophisticated adversaries increasingly target user identities as a primary vector for network intrusion and data exfiltration. The strategic environment demands a shift from purely reactive incident response to more proactive and deceptive defense mechanisms that can neutralize threats at their earliest stages, fundamentally altering the attacker-defender dynamic.
French cybersecurity startup MokN has raised $15 million in a Series A funding round that brings the total investment in the company to $18 million.
Paris-based MokN was founded in 2023 to tackle identity protection differently. Unlike traditional solutions, it plants honeypots within enterprise environments, luring threat actors into revealing compromised credentials.
Using ultra-realistic decoy access points, the phish-back solution is designed to outsmart attackers and to allow organizations to neutralize stolen credentials before they are used.
MokN’s Series A funding round was led by Google Ventures, with additional support from DataDog, investors Moonfire and OVNI Capital, and various angel investors.
The fresh investment will be used to expand the platform to the US, where credential-based intrusions have become dominant, MokN says. Per the latest Verizon DBIR, credential abuse was responsible for roughly 13% of the confirmed data breaches in 2025.
Additionally, the startup will invest in global expansion, starting with the opening of new offices in the US and the UK. To support the expansion, the company will hire new talent across sales and marketing, and customer success.
MokN also plans to expand its engineering team and to increase its research and development efforts to enhance the phish-back platform’s capabilities.
“As a former SOC Manager, I experienced firsthand how compromised identities remained a critical blind spot. MokN was built to change that. Today, we work with major enterprises to define a new category—Active Identity Recovery—giving them a proactive edge against identity-based attacks,” said MokN co-founder and CEO Gautier Bugeon.
Related: Geordie Raises $30 Million for AI Security and Governance Platform
Related: RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
Related: Exaforce Raises $125 Million for Agentic SOC Platform
Editorial Analysis
MokN's "phish-back" methodology represents a strategic pivot in defending against identity-based attacks, moving beyond traditional detection to active deception and pre-emption. By establishing ultra-realistic honeypots within enterprise environments, the platform essentially turns an attacker's reconnaissance efforts against them. When an adversary attempts to leverage what they believe are stolen credentials against these decoys, the system gains immediate insight into compromised accounts, enabling organizations to neutralize those credentials before they can be used for actual malicious access. This capability is particularly vital for large enterprises and critical infrastructure sectors, where the integrity of user identities is paramount and the cost of a breach can be catastrophic.
This approach aligns with a broader industry trend towards active defense and deception technologies, acknowledging that perimeter defenses alone are insufficient against determined adversaries. While the concept of honeypots is not new, MokN's application specifically to credential recovery and pre-exploitation neutralization marks an innovative evolution. It addresses a persistent blind spot that, as one co-founder noted, has plagued security operations centers for years: the difficulty of proactively identifying and remediating stolen identities. By offering a mechanism to discover and invalidate compromised credentials before they are weaponized, MokN contributes to a more resilient security posture, mitigating a significant percentage of data breaches attributed to credential abuse.
