The Active Cyber Defense Cycle is a strategy for cyber defense that consists of five processes: 1) Threat intelligence consumption to understand the threat landscape and adversary's capabilities. 2) Asset identification and network security monitoring to identify the organization's systems and detect abnormalities. 3) Incident response to determine the scope of threats, collect evidence, and focus on keeping operations running. 4) Threat and environment manipulation to interact with threats in a controlled environment to learn tactics and feed back into threat intelligence. 5) These processes work together in a cycle to better understand adversaries and defend the organization's systems and missions over time.