Split key showing physical license key and digital circuit encryption key with Ed25519 signature seal above and dual-envelope architecture showing blue customer and amber master envelopes connected to locked document

Encryption and Licensing: How We Built It for a Shipped Product

The complete story of designing a licensing and backup encryption system for a product shipped to customer sites. Ed25519 digital signatures, dual-envelope AES-256-GCM encryption, SHA-256 key derivation, and the master key trust trade-off.

June 25, 2026 · Uttam Jaiswal
Four translucent stacked encryption layers showing hardware disk encryption in amber, filesystem volume encryption in blue, database TDE in green, and column-level encryption in purple with S3 bucket and key on the side

Database Encryption: What 'Encrypted at Rest' Actually Means

Filesystem encryption, database TDE, column-level encryption, S3 server-side vs client-side - what each layer actually protects, the gaps between them, and how to choose. Drawn from real customer conversations.

June 5, 2026 · Uttam Jaiswal
Split golden padlock showing symmetric single key and asymmetric key pair with three glowing icons below representing symmetric encryption asymmetric encryption and hashing on dark navy background

Encryption Demystified: Symmetric, Asymmetric, Hashing Explained

A practitioner’s walkthrough of encryption fundamentals - symmetric, asymmetric, hashing - with real algorithm comparisons, a decision framework, and common mistakes from two decades of building production systems.

May 27, 2026 · Uttam Jaiswal
Split composition showing a grounded F-35 fighter jet with maintenance crews on the left representing monolithic enterprise platforms and a swarm of agile drones flying in formation on the right representing composable modular architectures

Enterprises Are Buying F-35s. The Future Belongs to Drones.

Most enterprises are buying the F-35s of software - full-scale platforms engineered for extreme scenarios they will never face. The future belongs to composable, modular architectures. A perspective on capability thinking vs platform thinking.

April 14, 2026 · Uttam Jaiswal
BitLocker encryption split key visualization showing user holding golden key connected to shield with lock symbol and Microsoft cloud, illustrating shared control and trust boundaries in disk encryption key management

BitLocker Didn't Fail. Trust Did.

BitLocker encryption didn’t fail—trust boundaries shifted. When recovery keys are escrowed by default, control becomes conditional. Linux LUKS, VeraCrypt alternatives, and key management strategies for conscious trust decisions.

January 26, 2026 · Uttam Jaiswal
Digital sovereignty visualization showing global network connections with India highlighted in orange glow representing sovereign infrastructure, while international data flow lines illustrate geopolitical dependencies in digital infrastructure

Digital Sovereignty: When Geopolitics Disrupts Your Infrastructure

When geopolitics enters the infrastructure layer, convenience without control becomes fragile. Real incidents, technical alternatives, and why sovereignty requires deliberate architecture.

January 25, 2026 · Uttam Jaiswal
HashiCorp Vault securing Kubernetes secrets with multi-cluster architecture

Vault Kubernetes Secrets: HA Raft Multi-Cluster Journey

A real-world journey with HashiCorp Vault, HA Raft, and multi-cluster secret injection, built from production lessons, not lab demos.

January 14, 2026 · Uttam Jaiswal
Breaking free from chained SaaS cloud to self-hosted GitLab with security shield

Breaking Free: SaaS GitLab to Self-Hosted Migration

A security audit exposed access control gaps in our SaaS GitLab. Here’s how we migrated to self-hosted GitLab, integrated with our corporate IDAM, and took control of our DevOps destiny.

December 19, 2025 · Uttam Jaiswal