“River Security has helped us turn external exposure into clear priorities. The combination of continuous testing and practical follow-up gives us confidence that we’re improving the right things across both our Norwegian and German environments.”
Harald Grov, IT Manager, Speira Norway
From PoC to a Scaled Partnership
The collaboration between Speira and River Security began in Norway, where Speira wanted a clearer and more continuous understanding of its external exposure. After a successful Proof of Concept, Speira entered a one-year agreement, confirming the value of continuous testing combined with structured follow-up.
As confidence in the approach grew, the scope expanded from Speira AS in Norway to also include Speira GmbH in Germany. This stepwise expansion reflects how effective security partnerships should develop:
Start by delivering fast, measurable value, then scale across the organization.
Through a continuous and structured testing approach, River Security identified security issues and delivered insights that were both technically sound and directly actionable.
A Realistic View of Security Risk
Unauthenticated testing through River Security’s Active Focus service provided visibility into Speira’s external attack surface, showing how an attacker could target the organization without prior access.
This was complemented by assumed breach and authenticated testing, providing deeper insight into internal risk and the potential impact of a compromised user or system. Together, these perspectives enabled Speira to prioritize the most critical improvements based on real-world risk, not just theoretical findings.
The result is a stronger and more resilient security posture across both Norwegian and German environments.
A Partnership Built on Clarity and Execution
Speira operates in a complex industrial environment where reliability and resilience are essential. With multiple sites and a broad European footprint, the challenge is not a lack of findings, but knowing what to address first and how to make steady progress.
River Security supports Speira with an attacker-minded perspective and a structured way of translating insight into remediation, helping internal teams focus effort where risk reduction matters most.
How River Security Supports Speira
- Continuous penetration testing & attack surface monitoring
Ongoing visibility into external exposure to reduce blind spots and catch changes early.
- Active Focus platform & customer portal
Clear prioritization and progress tracking, built to support execution rather than static reporting.
- Assumed breach testing
Deeper understanding of internal risk and realistic attack paths.
- Security sparring & structured follow-up
Regular sessions to align actions with current risk and maintain momentum.
- Scalable coverage across entities
A structured approach to expand from Norway to broader European coverage, including Germany.
“For organizations of this scale and operational complexity, cyber security must be continuous, practical, and measurable, especially as exposure evolves with suppliers, technologies, and business requirements.”
Magnus Holst, CEO. River Security
Key Takeaways
- A successful PoC validated a continuous security approach and led to a one-year agreement.
- The collaboration scaled from Norway to a broader European scope, including German environments.
- Continuous testing, clear prioritization, and structured follow-up support steady, measurable improvement.
Facts
Speira is a leading European aluminium rolling and recycling company, operating 11 production and recycling sites across Norway and Germany, with approximately 5,400 employees.
