A system for sanitizing an organization's network against attacker breach, including a data collector, gathering information about network hosts, an analyzer constructing the organization's network topology, a machine learning engine categorizing the hosts into organizational units and identifying key assets of the organization, a security rules engine mapping real-time data, and inferring security rules that prescribe on which specific hosts which specific credentials are permitted to be stored, and a user interface including an analyst dashboard enabling an analyst to visualize in real-time activities within the organizations' network, to automatically infer security rules for the network, to activate the security rules in the network, and to eliminate potential attack vectors for which the activated security rules are violated, and an attacker view visualizing the organization's network, identifying security rule violations across the organization's network, and enabling removal of credential-based security rule violations by use of actions.