This document proposes a machine learning approach to detect phishing websites using internal organizational data. It discusses extracting features from URLs and using those features to train a classification model to identify legitimate versus phishing websites. The model would be deployed as a REST API and used to analyze unknown web traffic in real-time. Some benefits include reduced reliance on third parties, tailored insights using internal data, and proactive rather than reactive protection against phishing. Challenges include collecting sufficient baseline data and balancing accuracy with user experience.