SP Salvatore Pesti / Edge & Secure Web
— : — WITA Start a project
Available · Q3 2026 · Independent practice — solo by design

Edge systems,
secure by default.

I'm Salvatore Pesti — an independent engineer building secure, performant web systems at the edge. From authentication to deployment, with a quiet bias for getting the unglamorous parts right.

Start a project Selected work
Practice
Independent
Based
Bali, Indonesia · UTC+8
Clients
EU · US · APAC
Stack focus
Cloudflare · TypeScript · Linux
01About

A senior engineer for teams that can't afford to get the foundation wrong.

I build the parts of the web stack that tend to be invisible until they fail — edge infrastructure, authentication, security posture, deployment pipelines.

My approach is patient and unfussy. I prefer fewer dependencies, clearer boundaries, and systems that are easy to reason about a year later. I write the tooling that makes the next change cheap.

Italian by origin, based in Bali by choice — operating from a timezone that gives most of Asia a full day's overlap and the rest of the world a working window. Remote isn't a compromise; it's how the practice was built from day one.

02Expertise

Fourteen disciplines, one spine. Edge, security, and the boring engineering that makes both possible.

01Edge Infrastructure
02Secure Web Architecture
03Systems-Level Full-Stack Engineering
04Infrastructure & Deployment Automation
05Frontend Performance Optimization
06Cloudflare Ecosystem
07Authentication Systems
08CDN & Caching Strategies
09API Design & Edge Compute
10Browser Security Hardening
11Automated Release Pipelines
12Linux Systems Administration
13Security Auditing & Hardening
14Custom Tooling & Workflow Engineering
03Selected Work

Long engagements, quiet outcomes. A few I can talk about.

martahowell.jpg real client · live
Case 01· 2026 / Ongoing

MartaHowell Jewellery — Edge infrastructure for a private luxury wholesale showroom.

Marta Howell Jewellery — Secure edge-native wholesale showroom platform built on Cloudflare infrastructure. Architected authenticated client access, D1-backed credential systems, immutable R2 CDN asset delivery, KV-powered catalog data, and an automated FileMaker deployment pipeline powering a live global showroom experience. HSTS preload-listed · Hardened browser security architecture.

Cloudflare Workers D1 R2 KV TypeScript Python FileMaker HSTS preload-listed Mozilla Observatory 130/100
Role
Architect & lead engineer
Duration
Ongoing
Sector
Jewellery e-commerce
Stack
Cloudflare edge · FileMaker
Read case study →
holography-cli.sh open-source · live
Case 02· 2026

Holography — graph-aware agent framework for Claude Code.

Open-source CLI that installs a persistent, graph-aware agent framework into any codebase — giving Claude Code structural memory that survives session restarts. Runs a static analysis graph over the project, detects god nodes (high-risk files), assigns file ownership to named agents, and gates every AI-generated diff through a validator before it hits disk.

Node.js Python graphify Claude Code CLI pytest
Role
Design & build, solo
Type
Open-source
Sector
Developer tooling
Stack
AST graph · agent framework
Read case study →
reel-engine.mp4 pipeline · live
Case 03· 2026 / Ongoing

reel-engine — fully automated YouTube content production pipeline.

A-to-B pipeline with zero human intervention. Cron orchestration, API publishing, and SQLite state tracking. 500 hours of output shipped, running daily without manual input.

Python SQLite YouTube API Cron
Role
Design & build, solo
Duration
Ongoing
Sector
Content automation
Outcome
500 hrs shipped · daily
Read case study →
04Approach

A small number of principles, repeated until they're boring.

— 01

Read the system before you touch it.

Every engagement starts with a written audit — what's in place, what's load-bearing, what's quietly bleeding budget or risk.

— 02

Boundaries over abstractions.

Fewer layers, clearer contracts. I'd rather write 200 honest lines than wire up a framework that hides the actual problem.

— 03

Security is a posture, not a sprint.

Hardening lives in the defaults — headers, cookies, build, dependencies, deploy. Audited, not bolted on.

— 04

Ship in the open.

Public branches, short cycles, written decisions. Clients can read the diff long before they read the invoice.

— 05

Tooling earns its keep.

If a script saves a teammate a meeting a week, it pays for itself in a month. I write a lot of those.

— 06

Leave it better documented than you found it.

The handoff is the deliverable. Architecture diagrams, runbooks, decision logs — written for the next person.

Have a system that needs
a steadier hand?

[email protected] Book an intro call
Code
GitHub
Network
LinkedIn
Encrypted
Signal
Key
PGP