A centralized controller for probing and securing vulnerable network resources is disclosed. A list of services hosted by a resource is received at the controller. A request to probe the list of services hosted on the resource is received by the controller. A probe candidate is determined by the controller. The probing is triggered by the controller based on a user scheduled time. The probing includes sending a probe packet that contains a special marker. The controller sends the list of resources to be probed for a set of port and protocol, to the probe candidate. A probe result generated as a result of the probing is received at the controller. The probe result includes vulnerable service information. A policy is computed based on the probe result and is enforced on the probed resources.