docs(architect): weekly KB update — 106 files refreshed (2026-04)

Updates across all 5 skills: ms-ai-advisor, ms-ai-engineering,
ms-ai-governance, ms-ai-security, ms-ai-infrastructure.

Key changes:
- Language Services (Custom Text Classification, Text Analytics, QnA):
  retirement warning 2029-03-31, migration guides to Foundry/GPT-4o
- Agentic Retrieval: 50M free reasoning tokens/month (Public Preview)
- Computer Use: Claude Sonnet 4.5 (preview) + OpenAI CUA models
- Agent Registry: Risks column (M365 E7), user-shared/org-published types
- Declarative agents: schema v1.5 → v1.6, Store validation requirements
- MLflow 3: 13 built-in LLM judges, production monitoring, Genie Code
- AG-UI HITL: ApprovalRequiredAIFunction (C#) + @tool(approval_mode) (Python)
- Entra ID Ignite 2025: Agent ID Admin/Developer RBAC roles, Conditional Access
- Security Copilot: 400 SCU/month per 1000 M365 E5 licenses, auto-provisioned
- Fast Transcription API: phrase lists, 14-language multi-lingual transcription
- Azure Monitor Workbooks: Bicep support, RBAC specifics
- Power Platform Copilot: data residency (Norway/Europe → EU DB, Bing → USA)
- RAG security-rbac: 4-approach table (GA + 3 preview access control methods)
- IaC MLOps: Well-Architected OE:05 principles, Bicep/Terraform patterns
- Translator: image file batch translation Preview (JPEG/PNG/BMP/WebP)

All 106 files: Last updated 2026-04 | Verified: MCP 2026-04

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/ai-incident-response-procedures.md

@@ -1,6 +1,6 @@
 # AI Incident Response and Breach Handling Procedures
 
-**Last updated:** 2026-04
+**Last updated:** 2026-04 | Verified: MCP 2026-04
 **Status:** Established Practice
 **Category:** AI Security Engineering
 
@@ -586,7 +586,7 @@ Set-AzSecurityContact -Name "default1" `
 
 ### Konfidensnivå
 
-**Verified (High Confidence)** — Alle Azure-native tools, services og incident response procedures er verifisert via Microsoft Learn MCP-research (februar 2026). Prisestimater basert på offisiell Azure pricing, men kan variere ved currency fluctuation og regional pricing.
+**Verified (High Confidence)** — Alle Azure-native tools, services og incident response procedures er verifisert via Microsoft Learn MCP-research (februar 2026, re-verifisert april 2026). CAF Secure AI-dokumentet bekrefter: AI asset inventory via Azure Resource Graph, AI communication channel security (Managed Identities, Virtual Networks, APIM for MCP server-endepunkter), og Purview Insider Risk Management for prompt-basert data exfiltration-deteksjon. Prisestimater basert på offisiell Azure pricing, men kan variere ved currency fluctuation og regional pricing.
 
 **Baseline (Model Knowledge)** — Generell incident response framework (NIST SP 800-61), MITRE ATT&CK for ML, og best practices for forensics/chain of custody basert på industry standards. Norwegian regulatory requirements verifisert via offentlige kilder (Datatilsynet, NSM, Lovdata).
 

plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/ai-threat-modeling-stride.md

@@ -1,6 +1,6 @@
 # AI Threat Modeling Using STRIDE Framework
 
-**Last updated:** 2026-04
+**Last updated:** 2026-04 | Verified: MCP 2026-04
 **Status:** Established Practice
 **Category:** AI Security Engineering
 

plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/data-leakage-prevention-ai.md

@@ -1,7 +1,7 @@
 # Data Leakage Prevention in AI Contexts
 
 **Kategori:** AI Security Engineering
-**Sist oppdatert:** 2026-04
+**Sist oppdatert:** 2026-04 | Verified: MCP 2026-04
 **Målgruppe:** Enterprise AI architects og security teams
 
 ## Oversikt
@@ -758,6 +758,6 @@ az monitor metrics alert create \
 **Microsoft Learn kilder:**
 - [Microsoft Purview DLP for Copilot](https://learn.microsoft.com/en-us/purview/dlp-microsoft365-copilot-location-learn-about)
 - [Azure AI Services DLP](https://learn.microsoft.com/en-us/azure/ai-services/cognitive-services-data-loss-prevention)
-- [Secure AI (Cloud Adoption Framework)](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/secure)
+- [Secure AI (Cloud Adoption Framework)](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/secure) — Verified MCP 2026-04: Bekrefter bruk av Microsoft Purview DLP for AI-workflows, content filtering for å forhindre sensitiv informasjonslekkasje, og Purview Insider Risk Management for prompt-basert data exfiltration-deteksjon og identifisering av risikofull AI-atferd.
 - [Artificial Intelligence Security (MCSB)](https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-v2-artificial-intelligence-security)
 - [Confidential AI](https://learn.microsoft.com/en-us/azure/confidential-computing/confidential-ai)

plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/entra-agent-id-zero-trust.md

@@ -1,7 +1,7 @@
 # Microsoft Entra Agent ID — Zero Trust for AI-agentidentiteter
 
 **Kategori:** AI Security Engineering
-**Sist oppdatert:** 2026-04
+**Sist oppdatert:** 2026-04 | Verified: MCP 2026-04
 **Status:** Public Preview (annonsert Ignite november 2025, utvidet preview; opt-out er midlertidig — vil bli obligatorisk for nye agenter) *(Verified MCP 2026-04)*
 **Målgruppe:** Arkitekter som skal sikre AI-agenter med dedikerte identiteter og Zero Trust-prinsipper
 
@@ -422,7 +422,7 @@ Når en Foundry-agent publiseres, endres identiteten fra delt prosjektidentitet
 8. [Governing Agent Identities (Preview)](https://learn.microsoft.com/entra/id-governance/agent-id-governance-overview) — Identity Governance for agenter
 9. [Conditional Access for Agent ID (Preview)](https://learn.microsoft.com/entra/identity/conditional-access/agent-id) — Conditional Access for agentidentiteter
 10. [Protect agent identities with Microsoft Entra](https://learn.microsoft.com/microsoft-agent-365/admin/capabilities-entra) — Microsoft Agent 365-integrasjon
-11. [What's new at Microsoft Ignite 2025 - Microsoft Entra](https://learn.microsoft.com/entra/fundamentals/whats-new-ignite-2025) — Annonsering og ny dokumentasjon
+11. [What's new at Microsoft Ignite 2025 - Microsoft Entra](https://learn.microsoft.com/entra/fundamentals/whats-new-ignite-2025) — Annonsering og ny dokumentasjon. Verified MCP 2026-04: Bekrefter 50+ nye artikler om Agent ID, nye RBAC-roller (Agent ID Administrator, Agent ID Developer, Agent Registry Administrator), Conditional Access for agentidentiteter, Identity Protection for agenter (risky agents concept), AI Prompt Shield (Entra Internet Access), og Security Copilot + Entra-integrasjoner.
 12. [Surfing the AI Wave: Manage, Govern, and Protect AI Agents with Microsoft Entra Agent ID](https://techcommunity.microsoft.com/blog/microsoft-entra-blog/surfing-the-ai-wave-manage-govern-and-protect-ai-agents-with-microsoft-entra-age/2464407) — Offisiell Microsoft Entra-blogg, Ignite 2025
 
 ---

plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/security-copilot-integration.md

@@ -1,7 +1,7 @@
 # Microsoft Security Copilot — AI-drevet sikkerhetsoperasjonsplattform
 
 **Kategori:** AI Security Engineering
-**Sist oppdatert:** 2026-04
+**Sist oppdatert:** 2026-04 | Verified: MCP 2026-04
 **Målgruppe:** Sikkerhetsarkitekter og SOC-ledere som vurderer AI-assistert sikkerhetsoperasjon
 
 ## Introduksjon
@@ -420,14 +420,14 @@ Per 2026-02: Security Copilot er kun tilgjengelig på kommersielt skynivå — i
 
 ## Kilder
 
-Basert på offisiell Microsoft Learn-dokumentasjon (sist verifisert 2026-04 via MCP): *(Verified MCP 2026-04)*
+Basert på offisiell Microsoft Learn-dokumentasjon (sist verifisert 2026-04 via MCP): *(Verified MCP 2026-04)* — Inklusjonsmodellen (M365 E5 → 400 SCU/1000 lisenser, maks 10 000 SCU/mnd, zero-click provisjonering) er bekreftet via MCP-fetch av security-copilot-inclusion og get-started-security-copilot.
 
 1. [What is Microsoft Security Copilot?](https://learn.microsoft.com/copilot/security/microsoft-security-copilot) — Overordnet produktbeskrivelse
 2. [Microsoft Security Copilot agents overview](https://learn.microsoft.com/copilot/security/agents-overview) — Komplett agentoversikt
 3. [Deploy AI agents in Microsoft Defender](https://learn.microsoft.com/defender-xdr/security-copilot-agents-defender) — Defender-spesifikke agenter
 4. [Security Copilot with Microsoft Sentinel](https://learn.microsoft.com/azure/sentinel/sentinel-security-copilot) — Sentinel-integrasjon
-5. [Learn about Security Copilot inclusion in Microsoft 365 E5](https://learn.microsoft.com/copilot/security/security-copilot-inclusion) — E5-lisensiering og SCU-modell
-6. [Get started with Microsoft Security Copilot](https://learn.microsoft.com/copilot/security/get-started-security-copilot) — Onboarding og lisensiering
+5. [Learn about Security Copilot inclusion in Microsoft 365 E5](https://learn.microsoft.com/copilot/security/security-copilot-inclusion) — E5-lisensiering og SCU-modell. Verified MCP 2026-04: Bekrefter rollout startet 18. november 2025, 400 SCU/måned per 1000 brukerlisenser (maks 10 000 SCU/mnd), zero-click auto-provisionering med 30-dagers forhåndsvarsel, SCU nullstilles månedlig, Developer Experiences (Agent Builder, MCP og Graph API-integrasjoner) er inkludert.
+6. [Get started with Microsoft Security Copilot](https://learn.microsoft.com/copilot/security/get-started-security-copilot) — Onboarding og lisensiering. Verified MCP 2026-04: Bekrefter to kundekategorier — M365 E5-kunder (auto-provisionert) og ikke-E5-kunder (manuell onboarding med SCU-provisjonering). M365 E5-kunder trenger ikke Azure-oppsett eller manuell SCU-tildeling.
 7. [Create your own custom plugins](https://learn.microsoft.com/copilot/security/custom-plugins) — Egendefinerte plugins
 8. [Microsoft Security Copilot Phishing Triage Agent](https://learn.microsoft.com/defender-xdr/phishing-triage-agent) — Phishing Triage Agent detaljer
 9. [Security Copilot agents in Intune overview](https://learn.microsoft.com/intune/agents/) — Intune-agenter