> developers often rely on encryption at rest as a gold standard security measure
and they shouldn't.
Security isn't a list of checkboxes to tick.