How does this compare to Project Honeypot?

I've had really good results at Kiva with Project Honeypot and http:bL but have also implemented a local management for whitelisting/blacklisting IPs to work around what it misses or is overzealous on.

The cool thing is you can pair this with Ansible and get 1,000's of honeypots deployed at once. In a proof of concept we deployed nearly dozens using digital ocean API and got blocked by their API creation limits.

If you use more interesting honeypot software like Conpot you can monitor which countries are attacking SCADA systems, etc.

What's evil about finding out which ports are being attacked and by who?

This is just speculation, but maybe it's a reference to the fact that the company is funded (in part) by Google.