A static analysis tool is augmented to provide for enhanced security vulnerability determination from generated code traces. According to this disclosure, a multiple sequence alignment is applied to a set of traces generated by static analysis of application source code. The output of this operation is an alignment result that simplifies the traces, e.g., by representing many common nodes as a single node. In particular, the sequence alignment identifies entries in the alignment result that represent at least one code execution path that multiple traces in the set of traces include. A call graph can then be output that includes the at least one code execution path identified, and that call graph can also be simplified by applying a compression portions of the traces that are used to generate it. Using multiple sequence alignment and simplified call graphs enable a user to identify security vulnerabilities more efficiently.