A graph representation of a designated application may be created. The graph representation may include nodes that each represent a computer programming code statement associated with the designated application as well as edges that each represent a logical linkage between two or more computer programming code statements. A determination may be made as to whether the designated application constitutes an unacceptable security risk by comparing the designated graph representation with a plurality of comparison graph representations. When it is determined that the designated application constitutes an unacceptable security risk, a message may be transmitted to prevent the designated application from being executed.