By OpenSSF and OSSAfrca
Why OSSAfrica Exists
OSSAfrica Logo
Open source software powers nearly everything we use today, from the operating systems on our devices to the cloud platforms that run critical services, financial systems, and government infrastructure. We’re also seeing new challenges and vulnerabilities in popular software libraries that can ripple across entire ecosystems. Maintainers who keep these projects running often do it alone, with limited resources and support. In many parts of Africa, access to security training is scarce, communities are spread out, and there aren’t clear paths to get involved in global open source security work.
That’s why OSSAfrica exists.
Open Source & Security Africa (OSSAfrica) is a community-led initiative bringing together people who care about open source and security across the continent. We’re building connections between contributors, software developers, maintainers, researchers, and security professionals. We’re not trying to replace already existing community efforts. Rather, we aim to serve as a supportive bridge that helps everyone collaborate more effectively. Â
Our goal is straightforward: to help build an African open source ecosystem that’s secure, sustainable, and has a strong voice in global conversations about open source and security. We want to make sure that as Africa’s software contributions continue to grow, we’re doing it in a way that protects both our communities and the wider world that depends on the solutions we build.
The Role of Community in Open Source Security
Open source security is often discussed in technical terms: vulnerability scanning, dependency management, patching workflows, and automation. While these tools and practices are essential, they represent only one layer of the problem. At its core, open source security is as much a people problem as it is a technical one. Long-term security outcomes depend on who maintains the software, how contributors are supported and onboarded, how knowledge is shared, and how trust is built and sustained over time. These are fundamentally human and organizational challenges.
Communities are where security awareness takes root. They’re where developers learn secure coding practices, where maintainers find support, and where collective responsibility replaces individual burnout. Many contributors across Africa engage with open source projects individually, without consistent access to mentorship, security-focused learning opportunities, or broader community support. Software contributions often happen in isolation, disconnected from the networks and knowledge-sharing that strengthen both code quality and security practices.
OSSAfrica has emerged to help lower these barriers. We believe that strengthening relationships, increasing visibility into security practices, and encouraging collaboration across regions and projects can meaningfully impact the resilience of open source software across the continent. We approach this work with humility and openness, positioning ourselves as facilitators and conveners rather than authorities or owners of solutions. Our role is to create space for community members to learn from one another, surface challenges, collectively explore solutions, and align with global best practices while remaining sensitive to local realities and constraints.
OSSAfrica’s Focus Areas
OSSAfrica’s work is grounded in practical, achievable goals that support long-term ecosystem health. Our activities aim to center around a few focus areas:
Community Building and Contributor Engagement
We work to connect individuals, groups, and communities across Africa who are engaged in open source and security, many of whom may otherwise operate in isolation. By creating opportunities for cross-community dialogue, peer learning, and collaboration, we help reduce duplication of effort and promote shared learning. This includes building spaces where contributors at different experience levels can engage meaningfully with one another.
Implementing Solutions for African Challenges
While collaboration with global initiatives is important, we also recognize that Africa faces unique challenges that require locally developed solutions. OSSAfrica supports and facilitates the creation of tools, frameworks, and approaches specifically designed to address the security and open source needs across the continent by empowering African contributors to build solutions that work for African contexts.
Security Awareness and Education
Security knowledge shouldn’t be restricted to advanced credentials or inaccessible resources. Through community calls, discussions, project collaboration, and future training initiatives, we aim to make open source security concepts clearer, and make them approachable and relevant to everyday open source work. Our focus is on helping contributors at different stages of their journey understand secure development practices, open source governance, and responsible contribution models.
Collaboration With Existing Projects and Foundations
OSSAfrica actively seeks partnerships and collaborations with existing open source projects, communities, and global foundations. This approach ensures that our work remains aligned with established standards and that community energy is directed toward meaningful impact.
Creating Pathways for African Contributors
Many African developers, security professionals, and software contributors want to participate in global open source security initiatives but lack clear entry points. We aim to surface and support these pathways, whether through documentation, governance participation, community leadership, education, or technical work. This includes improving visibility, reducing friction to entry, and encouraging participation in working groups, discussions, and leadership opportunities across the global open source ecosystem.
Relationship with the OpenSSF and BEAR Working Group
OSSAfrica currently operates as a Special Interest Group under the Open Source Security Foundation (OpenSSF), specifically within the Belonging, Empowerment, Allyship and Representation (BEAR) Working Group.
OpenSSF provides globally recognized frameworks, best practices, and governance models that help communities build security maturity in a structured and transparent way. By operating within this ecosystem, OSSAfrica ensures that our work is grounded in established open source security practices while remaining connected to a broader global community. This approach helps us avoid fragmentation and maintain consistency with wider open source and security efforts.
OSSAfrica benefits from OpenSSF’s resources, guidance, mentorship, and shared learning, while also bringing regional perspectives, insights, and experiences into the conversation.Â
Current Status and What’s Being Built
OSSAfrica is in an early stage of development. Our focus right now is on building a strong foundation that will support long-term community engagement and sustainable security practices.
Current initiatives include:
Open community calls and discussions where we gather input, share ideas, host office hours, and encourage shared ownership.Â
Governance and documentation work to establish clear processes, define roles and expectations, and ensure clarity around scope and decision-making.Â
Early collaboration with individuals, organizations, and contributors interested in education, advocacy, secure open source practices, and software contributions.
How to get involved
OSSAfrica is open by design and thrives on collaboration. Getting involved is simple, and there are multiple ways to contribute based on your interests, skills, and availability, regardless of your experience or background.
Participate in Discussions and Open Calls: Join community calls, virtual meetups, and open discussions to exchange ideas, ask questions, share insights, and learn from peers.Â
Contribute to Projects and Resources: OSSAfrica hosts GitHub repositories and collaborative initiatives where you can help with code, documentation, research, educational materials, or software contributions.
Share Knowledge and Spread Awareness: Even if you’re not contributing code, your experience matters. Share insights from your projects, or help educate others about open source and security practices in your local networks, universities, tech hubs, or organizations.Â
Support or Partner as an Organization: Organizations and projects interested in collaboration are encouraged to engage. You can participate by providing resources, mentorship, or collaborative opportunities. Partnerships with communities and projects can create pathways for more African contributors to engage globally. OSSAfrica welcomes partnerships that align with our mission and values and help strengthen the broader ecosystem.
Stay Connected and Informed
Follow OSSAfrica’s community spaces to stay up to date with meetings, projects, and opportunities:
- Join our Discord community server for active discussions
- Connect through the OpenSSF BEAR working group Slack
- Contribute to our work on GitHub
Looking ahead
Looking forward, OSSAfrica aims to amplify African contributions within the broader ecosystem. The long-term vision is not centralised control or rapid expansion, but a resilient network of communities capable of sustaining themselves, supporting one another, and contributing meaningfully to secure open source software worldwide.
Open source security works best when everyone participates. OSSAfrica connects African developers, security professionals, organizers, and advocates to ensure our ecosystem isn’t just growing, it’s helping shape global security practices.
The future of open source security is collective, and everyone deserves a seat at the table.