The Top CISO Stories from Around the Web: May 2026

From the Pentagon overhauling its paper-heavy compliance process to hackers poisoning AI coding assistants with the new "TrapDoor" malware, CISOs are fighting on entirely new battlegrounds. Between navigating OpenAI's double-edged "Daybreak" initiative, debating whether to actually pay off ransomware actors, and scrambling to hire talent during a massive 11% job surge, the pressure is officially on. Let’s dive into the major shifts, high-stakes dilemmas, and new threats redefining security this month.

For CISOs, dawn of OpenAI Daybreak brings good and bad news

Source: TechTarget

OpenAI's launch of its Daybreak cybersecurity initiative provides CISOs with a powerful, AI-driven tool to reshape and accelerate software vulnerability discovery. However, the technology also presents significant challenges by raising complex questions regarding accountability for autonomous security decisions. Furthermore, it accelerates an escalating AI arms race by giving both defenders and malicious actors access to the same sophisticated capabilities.

To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data

Source: CSO

A recent survey of 750 CISOs in the US and UK found that 58% would be willing to pay a ransom to recover their organization's data during a cyberattack, despite official warnings from the FBI and the UK's National Cyber Security Centre. However, historical data shows that actual payment rates are lower, and organizations that do pay often fail to fully recover their data or to prevent further exploitation. Ultimately, experts suggest that unless a company has highly robust and reliable backups, it may feel pressured to pay to avoid potentially catastrophic financial and operational losses.

One Job That Is Growing in the A.I. Era? Cybersecurity Experts.

Source: The New York Times

Artificial intelligence is fueling a massive wave of cybersecurity hiring, with Q1 2026 job postings up 11% and search firms facing an acute shortage of qualified candidates. This intense demand is heavily driven by the widespread use of generative AI, which frequently introduces code vulnerabilities and bugs that human experts must resolve. Additionally, the need for skilled practitioners has intensified as cybercriminals increasingly leverage AI tools to launch more automated and sophisticated digital attacks.

DOW Preparing Major Overhaul of Cybersecurity Compliance Process, CISO Says

Source: GovConWire

The Department of War (Pentagon) is preparing a major overhaul of its Risk Management Framework (RMF), moving away from its legacy, paper-heavy compliance process. Pentagon CISO Aaron Bishop stated that the reform will focus on simplification, automation, and continuous telemetry-driven monitoring to better support modern warfare requirements. The initiative also aims to enhance real-time operational visibility and adapt security controls for non-person, system-level, and AI identities.

TrapDoor malware campaign puts developer workstations in CISO spotlight

Source: CSO

The "TrapDoor" malware campaign targeted software developers by embedding malicious code into open-source packages across npm, PyPI, and Crates.io to steal infrastructure credentials and sensitive local data. Unlike traditional attacks, it compromised entire workflows by altering files used by AI coding assistants to manipulate automated security scans. Consequently, security experts advise CISOs to treat developer workstations as production-adjacent infrastructure and implement automated, install-time behavior scanning.
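As a defender's illustration of the install-time gate the summary recommends, here is an added example (not code from the article, the CSO report, or any vendor) that statically inspects an npm package tarball before installation. It flags lifecycle scripts that execute during `npm install` and files that AI coding assistants read as instructions, the two ingredients the summary attributes to the campaign. The hook names are npm's documented lifecycle scripts; the list of assistant instruction files and the two sample packages are assumptions constructed for this example. A static manifest check like this is a narrower complement to the behaviour scanning the article advises, not a replacement for it.

```python
"""Added example: a static pre-install check for npm package tarballs.

A package is flagged when it (a) declares lifecycle scripts that run arbitrary
code at install time, or (b) ships files that AI coding assistants read as
instructions. The sample tarballs below are constructed in memory.
"""
import io
import json
import tarfile
from dataclasses import dataclass

# npm lifecycle scripts that execute during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Instruction files read by AI coding assistants (assumed list; extend for your tooling).
AI_INSTRUCTION_FILES = {
    ".cursorrules",
    "CLAUDE.md",
    "AGENTS.md",
    ".github/copilot-instructions.md",
}


@dataclass(frozen=True)
class Finding:
    severity: str  # "high" or "medium"
    detail: str


def _relative_path(member_name: str) -> str:
    # npm tarballs place every file under a top-level "package/" directory.
    return member_name.split("/", 1)[1] if "/" in member_name else member_name


def scan_tarball(tgz_bytes: bytes) -> list[Finding]:
    """Return findings for one gzipped npm tarball held in memory."""
    findings: list[Finding] = []
    with tarfile.open(fileobj=io.BytesIO(tgz_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            rel = _relative_path(member.name)
            if rel == "package.json":
                manifest = json.loads(tar.extractfile(member).read().decode("utf-8"))
                scripts = manifest.get("scripts", {})
                for hook in INSTALL_HOOKS:
                    if hook in scripts:
                        findings.append(Finding("high", f"install-time hook {hook!r}: {scripts[hook]}"))
            elif rel in AI_INSTRUCTION_FILES:
                findings.append(Finding("medium", f"ships AI-assistant instruction file {rel!r}"))
    return findings


def should_block(findings: list[Finding]) -> bool:
    """Block installation when any high-severity finding is present."""
    return any(f.severity == "high" for f in findings)


def build_tarball(files: dict[str, str]) -> bytes:
    """Construct an in-memory npm-style tarball from a {relative_path: content} map."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for rel, content in files.items():
            data = content.encode("utf-8")
            info = tarfile.TarInfo(name=f"package/{rel}")
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed samples: a benign package, and one with an install hook plus an
# assistant instruction file (package names and contents are made up).
BENIGN = build_tarball({
    "package.json": json.dumps({"name": "pad-left-ish", "version": "1.0.0", "main": "index.js"}),
    "index.js": "module.exports = (s, n) => s.padStart(n);\n",
})
SUSPICIOUS = build_tarball({
    "package.json": json.dumps({
        "name": "helpful-utils",
        "version": "2.3.1",
        "scripts": {"postinstall": "node setup.js"},  # runs arbitrary code on install
    }),
    "setup.js": "// placeholder body; the hook's existence is what the gate flags\n",
    ".cursorrules": "# constructed sample instruction text\n",  # read by an AI assistant
})

if __name__ == "__main__":
    for label, tgz in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        found = scan_tarball(tgz)
        print(f"{label}: {'BLOCK' if should_block(found) else 'allow'}")
        for f in found:
            print(f"  [{f.severity}] {f.detail}")
```

Run stand-alone it prints `allow` for the benign sample and `BLOCK` for the one with a `postinstall` hook. In practice the tarball bytes would come from `npm pack` output or a registry download, and the gate would sit in CI or a pre-install wrapper on the developer workstation, which is exactly the production-adjacent treatment the summary calls for.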
