The main Virtuoso Open Server page mentions encryption-at-rest as one of the features:

Virtuoso helps you build powerful solutions applications driven by knowledge graphs derived from a variety of life sciences oriented data sources. For super sensitive competitive information it also includes powerful attribute-based access controls and encryption-at-rest amongst if deep collection of data privacy and security functionality.

However I can’t find any mentions about it in the documentation. Which versions offer support for it? How do I enable it?

Virtuoso VAL authentication provides WebID TLS Delegation and OpenID Connect secure certificate based authentication and authorisation to resources in the Virtuoso database, in the latest Release 8.x product.

How does encryption fit into the authentication and authorisation? Does that mean that storage is encrypted by default?

Encryption-at-Rest (EAR) is a Virtuoso 8.3.x commercial edition only feature.