Honeypots provide the best way I know of to detect attackers or unauthorized snoopers. Honeypots are typically used for two primary reasons: early warning or forensic analysis. Early-warning honeypots are great at catching hackers and malware that other systems have missed. The number of vendors offering honeypot products, such as Canary or KFSensor, continues to grow. Most honeypots should be placed near the assets they are attempting to mimic, including the CEO’s or other high-level C-level employees’ laptops.”]
Source: https://www.csoonline.com/article/3128818/10-decisions-youll-face-when-deploying-a-honeypot.html