FIRMUS | Company Profile - Revenue, Headcount, Tech Stack, Contacts

Company Directory for FIRMUS

Team Bitscale

12 Mar 2026 — 1 min read

FIRMUS

Overview

Firmus is a cybersecurity and penetration testing services provider based in Malaysia, operating since 2008. The company specializes in security assessments and consulting services across Malaysia and Singapore, with additional offices in Hong Kong. It is recognized as a leading expert in specialized security consultancy and Critical Infrastructure Protection in the Asia Pacific region.

The company offers a wide range of cybersecurity services, including network, web, and mobile application penetration testing, digital forensics and incident response, red teaming, source code reviews, physical security assessments, and social engineering simulations. Firmus employs a team of highly skilled cybersecurity professionals with globally recognized certifications, ensuring high-quality assessments.

Firmus has received several prestigious awards, such as the ASOCIO 2023 Award and the PIKOM Digital Excellence Award 2024 for High Growth. It has also been recognized as Cybersecurity Company of the Year by CyberSecurity Malaysia in 2012, 2016, and 2021, and is an approved member of CREST since November 1, 2017.

Basic Information

Industry	computer & network security
Founded	2008
Revenue	$12.3M
Headquarters	Menara YNH, Kiara163, 8 Jalan Kiara, Mont Kiara, S-26-02, Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 50480
Languages	English

Contact Details

Phone: +65 6823 8273
Website: firmussec.com
LinkedIn: linkedin.com/company/firmussec

Key Focus Areas & Initiatives

Cybersecurity consulting services
Penetration testing (network, web, mobile, IoT, and cloud)
Red teaming and security exercises
Digital forensics and incident response
Source code reviews
Social engineering testing
Compliance audits (including ISO 27001)
Security awareness and training programs
Critical Infrastructure Protection
Security monitoring and operations
Threat intelligence and threat hunting
Vulnerability management
Breach and attack simulation
Governance, risk, and compliance (GRC) consulting
Security architecture and policy development
Incident handling and disaster recovery planning
Managed detection and response (MDR)
Cloud security assessment
Operational technology (OT) and industrial control system (ICS) security
Security compliance and risk assessment

Technologies Used

AI
Freshdesk
Google Analytics
Google Font API
Google Tag Manager
MITRE ATT&CK
MailChimp SPF
Mobile Friendly
Outlook
Shutterstock
Slack
WordPress.org

GTM Strategy: The Complete Guide (Framework, Examples & B2B Playbook)

Most things labeled a “GTM strategy” are really a channel checklist wearing a nice slide template. They are activity plans, not a coherent answer to how the business will create, capture, and deliver value for a specific buyer in a specific market. This is written for B2B founders, product marketers,

How Scrut.io Built a Compliance-Signal GTM Machine with Bitscale

Scrut Automation simplifies continuous compliance for cloud-native companies, helping them achieve ISO 27001, SOC 2, PCI DSS, and GDPR compliance 5x faster — with real-time risk monitoring and automated evidence collection.

Clay API Limits, Authentication & Rate Limits Explained

Your enrichment workflow ran perfectly on 50 test records. Then you pointed it at 10,000 contacts and everything collapsed: 429 errors, duplicate CRM writes, and a credit balance that evaporated overnight. The Clay API usually is not the root cause. The root cause is treating authentication, rate limits, and

GTM Data Stack for US Outbound Teams

Outbound has changed. Spray-and-pray cadences that worked five years ago now burn through contact lists, damage sender reputation, and leave revenue teams short on pipeline. What separates high-performing US outbound teams in 2026 is not effort or headcount. It is the quality, governance, and architecture of the GTM Data Stack.