It seems like a shorter session expiration time could help with analysis because you don’t have to worry about bugs that were fixed long ago. The longer the expiration time is, the farther you have to go back in history when thinking about how an old bug might have been exploited.
(Similarly for key rotations.)
This might affect how long you want to retain logs?
(Similarly for key rotations.)
This might affect how long you want to retain logs?